badges.wes.org Open in urlscan Pro
2606:4700:10::6814:1a36  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

• https://www.google-analytics.com/r/collect?v=1&_v=j79&a=559855678&t=pageview&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8&dt=Badge%20Evidence&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1757820491&gjid=816350706&cid=1568816698.1578586420&tid=UA-2132518-1&_gid=1675196634.1578586420&_r=1&gtm=2wgc61KNVLN7F&z=959224901 HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_gid=1675196634.1578586420&gjid=816350706&_v=j79&z=959224901 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901&slf_rd=1&random=1115837811

Request Chain 25

• https://s.adroll.com/j/exp/GOPDDBEERFCDXPLALJULI6/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 26

• https://d.adroll.mgr.consensu.org/consent/iabcheck/GOPDDBEERFCDXPLALJULI6?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2 HTTP 302
• https://d.adroll.com/consent/check/GOPDDBEERFCDXPLALJULI6/?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2

Request Chain 32

• https://d.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&pv=20872205048.68452&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca HTTP 302
• https://s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/7YG2L3NMUREZPN623NKNLS.js

Request Chain 34

• https://d.adroll.com/cm/aol/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://pixel.advertising.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://pixel.advertising.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06495ad9c1b0 HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06495ad9c1b0&verify=true

Request Chain 35

• https://d.adroll.com/cm/index/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419&C=1

Request Chain 36

• https://d.adroll.com/cm/n/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expires=365

Request Chain 37

• https://d.adroll.com/cm/outbrain/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM HTTP 302
• https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&rdrctExp=true

Request Chain 38

• https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 39

• https://d.adroll.com/cm/r/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 40

• https://d.adroll.com/cm/taboola/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM

Request Chain 41

• https://d.adroll.com/cm/triplelift/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://eb2.3lift.com/xuid?mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e HTTP 302
• https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 42

• https://d.adroll.com/cm/b/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM

Request Chain 43

• https://d.adroll.com/cm/x/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM

Request Chain 44

• https://d.adroll.com/cm/l/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://idsync.rlcdn.com/377928.gif?partner_uid=9abcf08be407da3b8b85349ba60a839c

Request Chain 45

• https://d.adroll.com/cm/o/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=9abcf08be407da3b8b85349ba60a839c HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9abcf08be407da3b8b85349ba60a839c

Request Chain 46

• https://d.adroll.com/cm/g/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6&google_nid=adroll5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mrzwi-QH2juLhTSbpgqDnA HTTP 302
• https://d.adroll.com/cm/g/in

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request Evidence Show response badges.wes.org/	5 KB 2 KB	472ms 425ms	Document text/html	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash e9186c114d965d54947888658c185eb57675c42aa176af660b0ecc3433829678 Request headers :method GET :authority badges.wes.org :scheme https :path /Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 sec-fetch-user ?1 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 sec-fetch-site none sec-fetch-mode navigate accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Sec-Fetch-User ?1 Response headers status 200 date Thu, 09 Jan 2020 16:13:39 GMT content-type text/html; charset=utf-8 set-cookie __cfduid=da613274e309aaaa6bafef5f61ed0b5861578586418; expires=Sat, 08-Feb-20 16:13:38 GMT; path=/; domain=.wes.org; HttpOnly; SameSite=Lax cache-control private x-aspnetmvc-version 5.2 x-aspnet-version 4.0.30319 x-powered-by ASP.NET cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5527b31d58fa97de-FRA content-encoding gzip
GET H2	200	bootstrap.css badges.wes.org/Evidence/Content/	161 KB 22 KB	414ms 413ms	Stylesheet text/css	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/Content/bootstrap.css Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 75b591c191d159fc70a7c84bd2384e8a711628451fe2249de4f479ba4c4d6a18 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip etag W/"0aaa3fed7e7d31:0" cf-cache-status REVALIDATED last-modified Wed, 09 May 2018 20:55:00 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5527b3200d8797de-FRA
GET H2	200	master.css badges.wes.org/Evidence/Content/	36 KB 6 KB	415ms 414ms	Stylesheet text/css	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/Content/master.css Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 5d3ba28d218618efd46d1ac83e6065b82aa04f1cd15ba2685786054ed137401e Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip etag W/"03e1c9b954ed41:0" cf-cache-status REVALIDATED last-modified Mon, 17 Sep 2018 14:49:16 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 cf-ray 5527b3200d8897de-FRA
GET H2	200	Site.css badges.wes.org/Evidence/Content/	6 KB 2 KB	413ms 413ms	Stylesheet text/css	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/Content/Site.css Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 1c21195714b45657a19291096e43deddd6e94fcd8e0f67b6db36299a685b4607 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Mon, 17 Sep 2018 14:52:14 GMT server cloudflare x-powered-by ASP.NET etag "0e3345964ed41:0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b3200d8b97de-FRA content-length 1663
GET H2	200	wes_logo.png badges.wes.org/Evidence/Content/img/	13 KB 13 KB	409ms 408ms	Image image/png	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://badges.wes.org/Evidence/Content/img/wes_logo.png Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash b58bb7f1016bbd33396ab04280a0e386c5b661c867ec62bfacfc0cb088bfe0f5 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "0524efbec6d31:0" cf-cache-status REVALIDATED last-modified Wed, 28 Mar 2018 18:02:28 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b3200d8d97de-FRA content-length 13436
GET H2	200	wes-digital_badge-icon.png badges.wes.org/Evidence/Content/img/	32 KB 32 KB	403ms 402ms	Image image/png	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Show image Full URL https://badges.wes.org/Evidence/Content/img/wes-digital_badge-icon.png Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash b8332573a330f8feb6c924e337ae4dd765a152fa4c24445790ba2aab2f35caf8 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "016fef7f7d0d31:0" cf-cache-status REVALIDATED last-modified Tue, 10 Apr 2018 18:15:56 GMT server cloudflare x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b3200d9197de-FRA content-length 32709
GET H2	200	jquery Show response badges.wes.org/Evidence/bundles/	91 KB 33 KB	393ms 392ms	Script text/javascript	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/bundles/jquery?v=FVs3ACwOLIVInrAl5sdzR2jrCDmVOWFbZMY6g6Q0ulE1 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 8e36a92b48ce8c4a823f7703ae2b1d91a96baf49a3c5c20fa0441df4c20bb3ec Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Thu, 09 Jan 2020 16:13:39 GMT server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent content-type text/javascript; charset=utf-8 status 200 cache-control public cf-ray 5527b322999b97de-FRA expires Fri, 08 Jan 2021 16:13:39 GMT
GET H2	200	bootstrap Show response badges.wes.org/Evidence/bundles/	30 KB 9 KB	386ms 385ms	Script text/javascript	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/bundles/bootstrap?v=2Fz3B0iizV2NnnamQFrx-NbYJNTFeBJ2GM05SilbtQU1 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 0c477768d9d0fad3f16c9a5a43644a5d0b8556181940a8646c7901e6dc2a8279 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip cf-cache-status DYNAMIC last-modified Thu, 09 Jan 2020 16:13:39 GMT server cloudflare x-aspnet-version 4.0.30319 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary User-Agent content-type text/javascript; charset=utf-8 status 200 cache-control public cf-ray 5527b32299ae97de-FRA expires Fri, 08 Jan 2021 16:13:39 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	101 KB 31 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:816::2008 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KNVLN7F Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Google Tag Manager / Resource Hash a2232bd6cf40e220c6b4b5d2279da1323d52b114fd1c2812cdc9208de47a2b69 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding br last-modified Thu, 09 Jan 2020 15:00:00 GMT server Google Tag Manager access-control-allow-origin http://www.googletagmanager.com vary Accept-Encoding content-type application/javascript; charset=UTF-8 status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control content-length 31467 x-xss-protection 0 expires Thu, 09 Jan 2020 16:13:39 GMT
GET H2	200	montserrat_light-webfont.woff2 badges.wes.org/Evidence/fonts/	18 KB 18 KB	16ms 15ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/montserrat_light-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 13f4bb6643ddb35c82c53062d2c3f4dc880cd3b00887987047458bb9a6c68e11 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3166 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322b9d897de-FRA content-length 18720
GET H2	200	montserrat_bold-webfont.woff2 badges.wes.org/Evidence/fonts/	18 KB 18 KB	19ms 19ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/montserrat_bold-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash c1ab2d2f6b2bb0625248c3c635ec05a9978b42f57b416e9feb61033262fc966e Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3165 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322b9dc97de-FRA content-length 18632
GET H2	200	montserrat_semibold-webfont.woff2 badges.wes.org/Evidence/fonts/	18 KB 18 KB	17ms 16ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/montserrat_semibold-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 57f7f09f37455ce6f126972644fa7372347eb1af589087f4381e2fdc815955e9 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3165 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322b9de97de-FRA content-length 18744
GET H2	200	sourcesanspro-regular-webfont.woff2 badges.wes.org/Evidence/fonts/	23 KB 23 KB	17ms 17ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/sourcesanspro-regular-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash efdb443f4dd0eab380d294a82574ebbca5bf67ab0e36be3c8bd452b4a5cfc521 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3165 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322b9e197de-FRA content-length 23528
GET H2	200	montserrat_regular-webfont.woff2 badges.wes.org/Evidence/fonts/	18 KB 18 KB	26ms 26ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/montserrat_regular-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash d2ab33b00422b7d8bf6bfc42f56710e4e8817bd3c4282d0d4175aebcab905f6b Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3164 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322b9e597de-FRA content-length 18632
GET H2	200	sourcesanspro-bold-webfont.woff2 badges.wes.org/Evidence/fonts/	23 KB 23 KB	14ms 14ms	Font application/font-woff2	2606:4700:10::6814:1a36 Cloudflare
General Check archive.org Show headers Download Go to Full URL https://badges.wes.org/Evidence/fonts/sourcesanspro-bold-webfont.woff2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6814:1a36 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US), Reverse DNS Software cloudflare / ASP.NET Resource Hash 2c449bfcdf3b228d2ec688ff2e2c10b71189b82924dd24698ddf865419f5ee81 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence/Content/master.css Origin https://badges.wes.org Response headers date Thu, 09 Jan 2020 16:13:39 GMT etag "045b6afed69d31:0" cf-cache-status HIT last-modified Thu, 30 Nov 2017 15:12:50 GMT server cloudflare age 3164 x-powered-by ASP.NET expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 status 200 cache-control max-age=14400 accept-ranges bytes cf-ray 5527b322c9ef97de-FRA content-length 23260
GET H2	200	analytics.js Show response www.google-analytics.com/	43 KB 17 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:816::200e Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNVLN7F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Mon, 19 Aug 2019 17:22:41 GMT server Golfe2 age 2125 date Thu, 09 Jan 2020 15:38:14 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 17803 expires Thu, 09 Jan 2020 17:38:14 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	5 KB 2 KB	25ms 25ms	Script application/javascript	151.101.112.157 Fastly
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNVLN7F Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip age 28812 x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200 content-length 1954 x-served-by cache-hhn4078-HHN last-modified Tue, 23 Jan 2018 20:09:00 GMT x-timer S1578586420.673281,VS0,VE0 etag "b7b33882a4f3ffd5cbf07434f3137166+gzip" vary Accept-Encoding,Host content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control no-cache accept-ranges bytes
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	35 KB 12 KB	21ms 20ms	Script text/javascript	95.100.196.159 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNVLN7F Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-100-196-159.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 10bdeb0242f97e5483f914eb5b752df183725a366af8f0c9ba8bb645586006ff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id _IkEf6DskU5rqggn.I2sIuaN0nx2cwvp Content-Encoding gzip x-amz-request-id F9D0DA43F8A7D2E7 x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Thu, 09 Jan 2020 16:13:39 GMT Connection keep-alive Content-Length 11267 x-amz-id-2 kYq/HvQE2in2V0OJHqAxqYPYGdFqWIY5daBAJ8M6lbP+uFyBfe2MEB4kG/n5piNS5k7o+rxgLSo= Last-Modified Tue, 17 Dec 2019 22:01:13 GMT Server AmazonS3 ETag "94890c8a120a76710f8edb7ac61589bf" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	26 KB 10 KB	31ms 31ms	Script text/javascript	172.217.22.98 Google LLC
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNVLN7F Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s18-in-f98.1e100.net Software cafe / Resource Hash d8678ca34e4815f18939c65aeddb30a6bd5332a41d843b109218319f73cb0fdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 9937 x-xss-protection 0 server cafe etag 2163967560479294588 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Thu, 09 Jan 2020 16:13:39 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	126 KB 30 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 content-length 30426 x-xss-protection 0 pragma public x-fb-debug sXR6QQqNZ+acW6XRPrSD0Zgm3GZeN1+aC0yZzwestobdve+gkDRrYpmyhKCHJNNKkbFnO6eP0LcfOEnCnmnBDA== x-fb-trip-id 1850256238 date Thu, 09 Jan 2020 16:13:39 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self'; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	38 KB 14 KB	1032ms 404ms	Script application/javascript	103.235.46.191 CNNIC-BAIDU-AP Be...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?36f63a126b1af79a83cb1ec43112acd5 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 7a08064a12577a1b7c32b73ec96fc76b699127cb20b61d8cdd9a6903c1760e2c Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 09 Jan 2020 16:13:40 GMT Content-Encoding gzip Server apache Etag ac9e0f6d2c11761aa4345e64ab847f21 Strict-Transport-Security max-age=172800 P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Cache-Control max-age=0, must-revalidate Content-Type application/javascript Content-Length 13754
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/	1 KB 1 KB	23ms 23ms	Script application/x-javascript	95.101.176.176 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/munchkin.js Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-101-176-176.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 190843f3560a062c4bdbe6345df8080442b5c186bb89cf95785281ad0f2af9c7 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 09 Jan 2020 16:13:39 GMT Content-Encoding gzip Last-Modified Tue, 07 Jan 2020 03:41:23 GMT Server Apache ETag "a71b3b3308a96a8cf1cf1ab965ca19a9:1578368483" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 761
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://www.google-analytics.com/r/collect?v=1&_v=j79&a=559855678&t=pageview&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_gid=1675196634.1578586420&gjid=816350706&_v=j79&z=959224901 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901&slf_rd=1&random=1115837811	42 B 109 B	19ms 18ms	Image image/gif	2a00:1450:4001:825::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901&slf_rd=1&random=1115837811 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT x-content-type-options nosniff server cafe timing-allow-origin * location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2132518-1&cid=1568816698.1578586420&jid=1757820491&_v=j79&z=959224901&slf_rd=1&random=1115837811 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 cache-control no-cache, no-store, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/r/	35 B 111 B	15ms 15ms	Image image/gif	2a00:1450:4001:816::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/r/collect?v=1&_v=j79&a=559855678&t=pageview&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8&dt=Badge%20Evidence&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEDAAEAB~&jid=2016419904&gjid=1731939678&cid=1568816698.1578586420&tid=UA-137694707-1&_gid=1675196634.1578586420&_r=1&gtm=2wgc61KNVLN7F&z=1142662885 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 access-control-allow-origin * content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1576341132417108 Show response connect.facebook.net/signals/config/	447 KB 112 KB	153ms 153ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1576341132417108?v=2.9.15&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 6d9ffa427db8d7e377d4757de5040b2c0950bdd8844c8eddbfc9071509ef5735 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug F6F8YMlmD+g70q+m6wvhXDUWm2EiSyUI/GzxpY/6BSwdGeemV6+gEQhlsL9FfRGmlxgmdBDanXCoE8A2nR5X0g== x-fb-trip-id 1850256238 date Thu, 09 Jan 2020 16:13:39 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	munchkin.js Show response munchkin.marketo.net/156/	9 KB 5 KB	65ms 64ms	Script application/x-javascript	95.101.176.176 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://munchkin.marketo.net/156/munchkin.js Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.101.176.176 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-101-176-176.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e6cf48bc1bfd904673cda470939d69e4c555779587d2361e65d03869b26eeebf Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 09 Jan 2020 16:13:39 GMT Content-Encoding gzip Last-Modified Tue, 17 Sep 2019 20:22:41 GMT Server Apache ETag "24e78e4d5137c385c6e3393d80cfd6bf:1568751761" Vary Accept-Encoding P3P policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" Cache-Control max-age=8640000 Connection keep-alive Accept-Ranges bytes Content-Type application/x-javascript Content-Length 4198 Expires Sat, 18 Apr 2020 16:13:39 GMT
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/GOPDDBEERFCDXPLALJULI6/index.js https://s.adroll.com/j/exp/index.js	28 B 680 B	17ms 16ms	Script application/javascript	95.100.196.159 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-100-196-159.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id Bp2xbicXu5bCzXM3QVD7QZeRB0sYJmZ0 x-amz-request-id CF21B5BD7FABB731 x-amz-server-side-encryption AES256 Date Thu, 09 Jan 2020 16:13:39 GMT Connection keep-alive Content-Length 28 x-amz-id-2 cLZmhfnAULCQGQBsNL9XshdTRYuX5nVHya4FqCae539r/QMJ7NqY24OnDyjopISJIgcHCCaH9UU= Last-Modified Tue, 07 Jan 2020 16:12:09 GMT Server AmazonS3 ETag "5816cced8568d223aa09d889f300692b" Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers Date Thu, 09 Jan 2020 16:13:39 GMT Server AkamaiGHost Access-Control-Allow-Origin * Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Location https://s.adroll.com/j/exp/index.js Access-Control-Allow-Credentials false Connection keep-alive Access-Control-Allow-Headers * Content-Length 0
GET H2	200	/ Show response d.adroll.com/consent/check/GOPDDBEERFCDXPLALJULI6/ Redirect Chain https://d.adroll.mgr.consensu.org/consent/iabcheck/GOPDDBEERFCDXPLALJULI6?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2 https://d.adroll.com/consent/check/GOPDDBEERFCDXPLALJULI6/?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2	115 B 584 B	34ms 33ms	Script application/javascript	54.171.23.184 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/GOPDDBEERFCDXPLALJULI6/?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-171-23-184.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash c16187e4fc3376f1e9af34703979d3f9d9cca87067adc4a63d2c0cefa5828248 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type application/javascript content-length 115 Redirect headers status 302 date Thu, 09 Jan 2020 16:13:39 GMT server nginx/1.16.1 content-length 105 location https://d.adroll.com/consent/check/GOPDDBEERFCDXPLALJULI6/?_s=49a66c282969c6bdf53c1e0d1431c4f5&_b=2
GET H2	200	adsct t.co/i/	43 B 171 B	134ms 134ms	Image image/gif	104.244.42.133 Twitter Inc.
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyfcd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip x-content-type-options nosniff status 200, 200 OK x-twitter-response-tags BouncerCompliant strict-transport-security max-age=0 content-length 65 x-xss-protection 0 x-response-time 109 pragma no-cache last-modified Thu, 09 Jan 2020 16:13:39 GMT server tsa_o x-frame-options SAMEORIGIN content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 48bec156c7f5e0cacf35a15f07f18edd x-transaction 0064d8b200510b69 expires Tue, 31 Mar 1981 05:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/827670344/	2 KB 1 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:81b::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827670344/?random=1578586419705&cv=9&fst=1578586419705&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&tiba=Badge%20Evidence&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 87c372b82809a674efccf0be53c497bbbe77fd00e3e8f37b20e8c0aeb8c382b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT content-encoding gzip x-content-type-options nosniff content-type text/javascript; charset=UTF-8 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 1037 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/827670344/	42 B 110 B	26ms 24ms	Image image/gif	2a00:1450:4001:825::2004 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/827670344/?random=1578586419705&cv=9&fst=1578585600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&tiba=Badge%20Evidence&async=1&fmt=3&is_vtc=1&random=2251155545&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/827670344/	42 B 110 B	23ms 22ms	Image image/gif	2a00:1450:4001:825::2003 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/827670344/?random=1578586419705&cv=9&fst=1578585600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgc61&sendb=1&frm=0&url=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&tiba=Badge%20Evidence&async=1&fmt=3&is_vtc=1&random=2251155545&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT x-content-type-options nosniff content-type image/gif server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	visitWebPage Show response 317-ctm-316.mktoresp.com/webevents/	2 B 303 B	540ms 100ms	XHR text/plain	192.28.144.124 Adobe Systems Inc.
General Check archive.org Show headers Download Go to Full URL https://317-ctm-316.mktoresp.com/webevents/visitWebPage?_mchNc=1578586419776&_mchCn=&_mchId=317-CTM-316&_mchTk=_mch-wes.org-1578586419775-78097&_mchHo=badges.wes.org&_mchPo=&_mchRu=%2FEvidence&_mchPc=https%3A&_mchVr=156&_mchHa=&_mchRe=&_mchQp=i%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9__-__type%3Dca Requested by Host: munchkin.marketo.net URL: https://munchkin.marketo.net/156/munchkin.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 192.28.144.124 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US), Reverse DNS Software akka-http/10.1.7 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Origin https://badges.wes.org Response headers Access-Control-Allow-Origin * Date Thu, 09 Jan 2020 16:13:40 GMT Content-Encoding gzip Server akka-http/10.1.7 Transfer-Encoding chunked X-Request-Id e9beed51-a93c-47ab-b2bc-37fc358c991e Content-Type text/plain; charset=UTF-8
GET H/1.1	200 OK	7YG2L3NMUREZPN623NKNLS.js Show response s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/ Redirect Chain https://d.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&pv=20872205048.68452&cookie=&adroll_s_ref=&keyw=&arrfrr=h... https://s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/7YG2L3NMUREZPN623NKNLS.js	5 KB 2 KB	17ms 17ms	Script text/javascript	95.100.196.159 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/7YG2L3NMUREZPN623NKNLS.js Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-100-196-159.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 8d7dc1b4e8086cee9e5847e990c2f0918237bffd6b1a542b5da92e2611c98e0b Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id b0tBvRgYhW7A7_9lBUrzdPaRDVZ4YJXJ Content-Encoding gzip x-amz-request-id FA343C734D82B11C x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Thu, 09 Jan 2020 16:13:39 GMT Connection keep-alive Content-Length 1749 x-amz-id-2 lLUmDQN+WHm4EersqKJtNmN4saBdvcY/Cp4h61IwSUypUl/Uyf6atON36H1/EvW7h0SUF0L2xNE= Last-Modified Thu, 12 Dec 2019 19:15:06 GMT Server AmazonS3 ETag "24d98c98b1c2682a8e11919fd404cbef" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers * Redirect headers date Thu, 09 Jan 2020 16:13:39 GMT x-segment-display-name p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 content-length 0 pragma no-cache x-conversion-value 0.0 server nginx/1.16.1 x-rule * x-segment-eid 7YG2L3NMUREZPN623NKNLS location https://s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/7YG2L3NMUREZPN623NKNLS.js cache-control no-store, no-cache, must-revalidate x-pixel-eid OW345CPIJZDOPMWU2HELOR x-segment-name * x-advertisable-eid GOPDDBEERFCDXPLALJULI6 x-conversion-currency
GET H/1.1	200 OK	sendrolling.js Show response s.adroll.com/j/	9 KB 3 KB	17ms 16ms	Script text/javascript	95.100.196.159 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/sendrolling.js Requested by Host: s.adroll.com URL: https://s.adroll.com/pixel/GOPDDBEERFCDXPLALJULI6/OW345CPIJZDOPMWU2HELOR/7YG2L3NMUREZPN623NKNLS.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.100.196.159 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-100-196-159.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-amz-version-id TwL74Ndi.ohfgakG5RBcZUF4fIeroO3M Content-Encoding gzip x-amz-request-id 10A2864406149BC6 x-amz-server-side-encryption AES256 Access-Control-Max-Age 600 Date Thu, 09 Jan 2020 16:13:39 GMT Connection keep-alive Content-Length 2039 x-amz-id-2 PJQf3ZXQ67kuFIZ1jTwpx+dzO3/spweSPnVUScjTyWGGJEwUarxqLH9ASErwTVQ5ZC64kJ1t278= Last-Modified Tue, 07 Jan 2020 19:01:12 GMT Server AmazonS3 ETag "15441b08d0c4f93b1dd5f533cd361cd8" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600 Access-Control-Allow-Credentials false Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/aol/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://pixel.advertising.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://pixel.advertising.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06... https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06...	0 505 B	28ms 28ms	Image text/plain	3.122.174.9 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06495ad9c1b0&verify=true Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.122.174.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-3-122-174-9.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 204 date Thu, 09 Jan 2020 16:13:40 GMT strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers status 302 date Thu, 09 Jan 2020 16:13:40 GMT strict-transport-security max-age=31536000 content-length 0 location https://ups.analytics.yahoo.com/ups/55980/sync?uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPff9a0cc4-32fa-11ea-91b6-06495ad9c1b0&verify=true p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Redirect Chain https://d.adroll.com/cm/index/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419&C=1	43 B 898 B	44ms 44ms	Image image/gif	95.100.197.53 Akamai Technologies
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419&C=1 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a95-100-197-53.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:40 GMT Server Apache P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 09 Jan 2020 16:13:40 GMT Redirect headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:39 GMT Server Apache P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expiration=1610122419&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 333 Expires Thu, 09 Jan 2020 16:13:39 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Redirect Chain https://d.adroll.com/cm/n/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expires=365	0 239 B	128ms 35ms	Image image/gif	69.173.144.138 The Rubicon Project
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expires=365 Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Cache-Control no-cache,no-store,must-revalidate Content-Type image/gif P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 3bafef7aa4e37890defcd73f0a080481 Expires 0 Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT server nginx/1.16.1 location https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&expires=365 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 124
GET H2	200	cookie-sync sync.outbrain.com/ Redirect Chain https://d.adroll.com/cm/outbrain/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&rdrctExp=true	0 357 B	135ms 135ms	Image text/plain	151.101.14.2 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&rdrctExp=true Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 varnish, 1.1 varnish traffic-path CHIDC2, MDW, FRA, Europe2 x-traceid 47d83a51744d7d98509d7d466f68e7a2 x-timer S1578586420.055530,VS0,VE113 x-cache MISS, MISS status 200 backend-ip 157.52.75.28 x-cache-hits 0, 0 accept-ranges bytes, bytes content-length 0 x-served-by cache-mdw17328-MDW, cache-fra19141-FRA Redirect headers date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 varnish, 1.1 varnish traffic-path CHIDC2, MDW, FRA, Europe2 x-traceid 95177faba34f8a3f5154a90eb7b2a54c x-timer S1578586420.923268,VS0,VE109 location https://sync.outbrain.com/cookie-sync?p=adroll&uid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&rdrctExp=true x-cache MISS, MISS status 302 backend-ip 157.52.75.45 x-cache-hits 0, 0 accept-ranges bytes, bytes content-length 0 x-served-by cache-mdw17345-MDW, cache-fra19141-FRA
GET H/1.1	200 OK	Pug simage2.pubmatic.com/AdServer/ Redirect Chain https://d.adroll.com/cm/pubmatic/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...	1 B 989 B	74ms 18ms	Image text/html	185.64.189.110 PubMatic
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US), Reverse DNS Software Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:39 GMT X-lat Pug22009:0:486 Server Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 Cache-Control no-store, no-cache, private P3P CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" X-Cnection close Content-Type text/html; charset=utf-8 Content-Length 1 Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:39 GMT server nginx/1.16.1 location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 220
GET H2	200	in d.adroll.com/cm/r/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA	42 B 501 B	32ms 32ms	Image image/gif	54.171.23.184 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-171-23-184.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 Redirect headers Date Thu, 09 Jan 2020 16:13:40 GMT X-Content-Type-Options nosniff Server ATS Age 0 Expect-CT max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" Strict-Transport-Security max-age=31536000 P3P policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV" Location https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA Connection keep-alive Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	204	/ trc.taboola.com/sg/adroll-network/1/rtb-h/ Redirect Chain https://d.adroll.com/cm/taboola/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM	0 241 B	35ms 32ms	Image text/plain	151.101.114.2 Fastly
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers x-vcl-time-ms 11 date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 varnish server nginx x-timer S1578586420.033987,VS0,VE11 x-served-by cache-hhn4079-HHN x-cache MISS status 204 accept-ranges bytes x-cache-hits 0 Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server nginx/1.16.1 location https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 111
GET H2	200	xuid eb2.3lift.com/ Redirect Chain https://d.adroll.com/cm/triplelift/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://eb2.3lift.com/xuid?mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e&gdpr=1&cmp_cs=	37 B 334 B	28ms 28ms	Image image/gif	52.57.98.188 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e&gdpr=1&cmp_cs= Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.57.98.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-57-98-188.eu-central-1.compute.amazonaws.com Software / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Thu, 09 Jan 2020 16:13:40 GMT cache-control no-cache, no-store, must-revalidate p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC" content-length 37 content-type image/gif Redirect headers status 302 date Thu, 09 Jan 2020 16:13:40 GMT cache-control no-cache, no-store, must-revalidate content-length 0 location /xuid?ld=1&mid=4714&xuid=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM&dongle=c85e&gdpr=1&cmp_cs= p3p policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H2	200	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://x.bidswitch.net/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM	43 B 378 B	45ms 44ms	Image image/gif	52.59.42.109 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.59.42.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-52-59-42-109.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 200 date Thu, 09 Jan 2020 16:13:40 GMT cache-control no-cache, no-store, must-revalidate p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 43 content-type image/gif Redirect headers status 302 date Thu, 09 Jan 2020 16:13:40 GMT cache-control no-cache, no-store, must-revalidate content-length 0 location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H/1.1	200 OK	setuid ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://ib.adnxs.com/setuid?entity=172&code=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM	43 B 878 B	72ms 23ms	Image image/gif	37.252.172.249 AppNexus
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=172&code=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.13.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:42 GMT AN-X-Request-Uuid 03799c95-2788-4cbd-b9a2-a4e89c354b62 Content-Type image/gif Server nginx/1.13.4 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 89.38.96.189; 89.38.96.189; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.107:80 Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server nginx/1.16.1 location https://ib.adnxs.com/setuid?entity=172&code=OWFiY2YwOGJlNDA3ZGEzYjhiODUzNDliYTYwYTgzOWM p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 93
GET H2	204	377928.gif idsync.rlcdn.com/ Redirect Chain https://d.adroll.com/cm/l/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://idsync.rlcdn.com/377928.gif?partner_uid=9abcf08be407da3b8b85349ba60a839c	0 40 B	117ms 117ms	Image text/plain	35.190.72.21 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/377928.gif?partner_uid=9abcf08be407da3b8b85349ba60a839c Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 21.72.190.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers status 204 date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 google alt-svc clear Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server nginx/1.16.1 location https://idsync.rlcdn.com/377928.gif?partner_uid=9abcf08be407da3b8b85349ba60a839c p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 302 cache-control no-store, no-cache, must-revalidate content-length 86
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6 https://us-u.openx.net/w/1.0/sd?id=537103138&val=9abcf08be407da3b8b85349ba60a839c https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9abcf08be407da3b8b85349ba60a839c	43 B 183 B	24ms 23ms	Image image/gif	34.95.120.147 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9abcf08be407da3b8b85349ba60a839c Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS 147.120.95.34.bc.googleusercontent.com Software OXGW/16.173.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 google server OXGW/16.173.0 vary Accept p3p CP="CUR ADM OUR NOR STA NID" status 200 cache-control private, max-age=0, no-cache content-type image/gif alt-svc clear content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers date Thu, 09 Jan 2020 16:13:40 GMT via 1.1 google server OXGW/16.173.0 location https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=9abcf08be407da3b8b85349ba60a839c p3p CP="CUR ADM OUR NOR STA NID" status 302 alt-svc clear content-length 0
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=9e4bc82172636dc32a04787d10288612-1578586419782&xid_ch=f&advertisable=GOPDDBEERFCDXPLALJULI6&google_nid=adroll5 https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=mrzwi-QH2juLhTSbpgqDnA https://d.adroll.com/cm/g/in	42 B 538 B	32ms 32ms	Image image/gif	54.171.23.184 Amazon.com
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.171.23.184 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-54-171-23-184.eu-west-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server nginx/1.16.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" status 200 cache-control no-store, no-cache, must-revalidate content-type image/gif content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Thu, 09 Jan 2020 16:13:40 GMT server HTTP server (unknown) location https://d.adroll.com/cm/g/in p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 302 cache-control no-cache, must-revalidate content-type text/html; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1816091305367820 Show response connect.facebook.net/signals/config/	447 KB 112 KB	374ms 373ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 Facebook
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1816091305367820?v=2.9.15&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software / Resource Hash 9db4d65bab2569b53796a76fb8dce8740d67a5bed2b8612a905ac3e33a808913 Security Headers Name Value Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-24=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug ambUWyWgMrziYeu4VFwPbDpAN6vmvidfc+isfCaJJ6j96dhtkzLHpPUzEfdg4NkR+qs//i7HcAbAre2cdGT3ew== x-fb-trip-id 1850256238 date Thu, 09 Jan 2020 16:13:40 GMT x-frame-options DENY content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 content-security-policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 264 B	7ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1576341132417108&ev=PageView&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&rl=&if=false&ts=1578586419939&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1578586419938.1858812785&it=1578586419696&coo=false&rqm=GET Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:39 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 09 Jan 2020 16:13:39 GMT
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 266 B	136ms 135ms	Script application/javascript	104.244.42.195 Twitter Inc.
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nyfcd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.195 , United States, ASN13414 (TWITTER - Twitter Inc., US), Reverse DNS Software tsa_o / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:40 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200, 200 OK x-twitter-response-tags BouncerCompliant content-length 57 x-xss-protection 0 x-response-time 114 pragma no-cache last-modified Thu, 09 Jan 2020 16:13:40 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type application/javascript;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 2299008b9f27bc2d0cfa28357225f79a x-transaction 0084ceb800fc0b53 expires Tue, 31 Mar 1981 05:00:00 GMT
GET H/1.1	200 OK	sessioncam.recorder.js Show response d2oh4tlt9mrke9.cloudfront.net/Record/js/	269 KB 61 KB	132ms 27ms	Script text/javascript	13.224.197.163 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.197.163 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS server-13-224-197-163.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 38691b71521a304f40205eaaffa0afdbf74815deef32d153f87ceec80af26282 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Date Thu, 09 Jan 2020 09:50:06 GMT Content-Encoding gzip Last-Modified Tue, 17 Dec 2019 09:46:20 GMT Server AmazonS3 Age 23098 ETag "2f4c3789a2bbaac5154f7838615305ee" X-Cache Hit from cloudfront Content-Type text/javascript Via 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront) Cache-Control max-age=14400 X-Amz-Cf-Pop FRA2-C1 Connection keep-alive Accept-Ranges bytes Content-Length 61500 X-Amz-Cf-Id DlBfcWDx5jYIsornZiRw9Kr_JkkYaFzlRxFVY-I1qYan_ADkz_2JOg==
GET H2	200	/ www.facebook.com/tr/	44 B 151 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1816091305367820&ev=PageView&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&rl=&if=false&ts=1578586420332&cd[segment_eid]=7YG2L3NMUREZPN623NKNLS&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=29&fbp=fb.1.1578586419938.1858812785&it=1578586419696&coo=false&rqm=GET Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:40 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 09 Jan 2020 16:13:40 GMT
GET H/1.1	200 OK	config.aspx Show response ws.sessioncam.com/Record/	145 B 443 B	426ms 101ms	Script text/javascript	3.223.57.201 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://ws.sessioncam.com/Record/config.aspx?url=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ae=1&sse=1578586420456 Requested by Host: d2oh4tlt9mrke9.cloudfront.net URL: https://d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.57.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US), Reverse DNS ec2-3-223-57-201.compute-1.amazonaws.com Software / Resource Hash 72cdde54cb5873078eccfab3f4d0e94a6d375e2a767fe66882601663686eed43 Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:40 GMT Server Timing-Allow-Origin * P3P CP="ADMa DEVa IVAa IVDa OUR IND DSP NON COR" Cache-Control no-cache, no-store Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 145 Expires -1
GET H2	200	/ www.facebook.com/tr/	44 B 151 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de Facebook
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1576341132417108&ev=Microdata&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&rl=&if=false&ts=1578586421443&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Badge%20Evidence%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1578586419938.1858812785&it=1578586419696&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers date Thu, 09 Jan 2020 16:13:41 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-24=":443"; ma=3600 content-length 44 expires Thu, 09 Jan 2020 16:13:41 GMT
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	404ms 404ms	Image image/gif	103.235.46.191 CNNIC-BAIDU-AP Be...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1612488882&si=36f63a126b1af79a83cb1ec43112acd5&v=1.2.68&lv=1&sn=44877&ct=!!&tt=Badge%20Evidence Requested by Host: badges.wes.org URL: https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (CNNIC-BAIDU-AP Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers Pragma no-cache Date Thu, 09 Jan 2020 16:13:41 GMT X-Content-Type-Options nosniff Server apache Strict-Transport-Security max-age=172800 Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43
GET H2	200	collect www.google-analytics.com/	35 B 103 B	7ms 6ms	Image image/gif	2a00:1450:4001:816::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j79&a=559855678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8&dt=Badge%20Evidence&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20depth&ea=25%25&_u=aEDAAEAB~&jid=&gjid=&cid=1568816698.1578586420&tid=UA-2132518-1&_gid=1675196634.1578586420&gtm=2wgc61KNVLN7F&z=718691594 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Nov 2019 15:33:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 4235992 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 109 B	6ms 5ms	Image image/gif	2a00:1450:4001:816::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j79&a=559855678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8&dt=Badge%20Evidence&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20depth&ea=50%25&_u=aEHAAEAB~&jid=&gjid=&cid=1568816698.1578586420&tid=UA-2132518-1&_gid=1675196634.1578586420&gtm=2wgc61KNVLN7F&z=1367649550 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Nov 2019 15:33:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 4235992 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 103 B	7ms 6ms	Image image/gif	2a00:1450:4001:816::200e Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j79&a=559855678&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbadges.wes.org%2FEvidence%3Fi%3Ddaf55922-6288-4639-9ba5-3abe5a8b19d9%26type%3Dca&ul=en-us&de=UTF-8&dt=Badge%20Evidence&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Scroll%20depth&ea=75%25&_u=aEHAAEAB~&jid=&gjid=&cid=1568816698.1578586420&tid=UA-2132518-1&_gid=1675196634.1578586420&gtm=2wgc61KNVLN7F&z=1721216572 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://badges.wes.org/Evidence?i=daf55922-6288-4639-9ba5-3abe5a8b19d9&type=ca User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36 Response headers pragma no-cache date Thu, 21 Nov 2019 15:33:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 4235992 content-type image/gif status 200 alt-svc quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 cache-control no-cache, no-store, must-revalidate access-control-allow-origin * content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT