khgf.hndmex.cfd Open in urlscan Pro
2606:4700:3037::6815:4e70 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://khgf.hndmex.cfd/
Submission: On April 13 via api (April 13th 2024, 11:51:39 am UTC) from US — Scanned from DE

Summary HTTP 112 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 24 domains to perform 112 HTTP transactions. The main IP is 2606:4700:3037::6815:4e70, located in United States and belongs to CLOUDFLARENET, US. The main domain is khgf.hndmex.cfd.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time khgf.hndmex.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2606:4700:303... 2606:4700:3037::6815:4e70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
9	54.228.155.162 54.228.155.162	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.21.17.117 2.21.17.117	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:46::64 2620:1ec:46::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	23.194.131.217 23.194.131.217	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:264... 2600:9000:2644:c000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	18.206.17.46 18.206.17.46	14618 (AMAZON-AES) (AMAZON-AES)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
3	20.96.88.162 20.96.88.162	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:ee26:ded1:edd1:f90d	16509 (AMAZON-02) (AMAZON-02)
1	23.218.107.192 23.218.107.192	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
112	31

42 2606:4700:3037::6815:4e70 (United States)

ASN13335 (CLOUDFLARENET, US)

khgf.hndmex.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.228.155.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

apps.mypurecloud.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.17.117 (Brussels, Belgium)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-17-117.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.194.131.217 (Philadelphia, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-194-131-217.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:c000:6:9280:1080:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.206.17.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-206-17-46.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.96.88.162 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

k.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:ee26:ded1:edd1:f90d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.107.192 (Philadelphia, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-107-192.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	hndmex.cfd khgf.hndmex.cfd	2 MB
9	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 710	268 KB
9	mypurecloud.ie apps.mypurecloud.ie — Cisco Umbrella Rank: 96447	195 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 751 c.clarity.ms — Cisco Umbrella Rank: 1390 k.clarity.ms — Cisco Umbrella Rank: 6166	28 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	757 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3117 tr.outbrain.com — Cisco Umbrella Rank: 2953 wave.outbrain.com — Cisco Umbrella Rank: 3127	10 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 335 c.bing.com — Cisco Umbrella Rank: 233	14 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1079 trc.taboola.com — Cisco Umbrella Rank: 752 trc-events.taboola.com — Cisco Umbrella Rank: 2443	24 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 245	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7551	190 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 87 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	429 B
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3076 www.google.com — Cisco Umbrella Rank: 2	341 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	21 KB
2	adroll.com s.adroll.com — Cisco Umbrella Rank: 3361 d.adroll.com — Cisco Umbrella Rank: 1573	31 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 756 script.hotjar.com — Cisco Umbrella Rank: 1167	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	75 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1153	83 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 5938	967 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	273 B
1	mypurecloud.com apps.mypurecloud.com — Cisco Umbrella Rank: 9525	702 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 124	2 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 641	34 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
112	24

	Domain	Requested by
42	khgf.hndmex.cfd	khgf.hndmex.cfd
9	analytics.tiktok.com	khgf.hndmex.cfd analytics.tiktok.com
9	apps.mypurecloud.ie	khgf.hndmex.cfd
7	www.googletagmanager.com	khgf.hndmex.cfd
3	k.clarity.ms	khgf.hndmex.cfd
3	bam.nr-data.net	khgf.hndmex.cfd
3	www.google.de
3	bat.bing.com	khgf.hndmex.cfd
3	www.google-analytics.com	khgf.hndmex.cfd
2	trc-events.taboola.com	khgf.hndmex.cfd
2	c.clarity.ms	1 redirects
2	www.google.com	1 redirects
2	tr.outbrain.com	amplify.outbrain.com khgf.hndmex.cfd
2	stats.g.doubleclick.net	www.googletagmanager.com khgf.hndmex.cfd
2	www.clarity.ms	khgf.hndmex.cfd
2	connect.facebook.net	khgf.hndmex.cfd
2	maxcdn.bootstrapcdn.com	khgf.hndmex.cfd maxcdn.bootstrapcdn.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	d.adroll.com	khgf.hndmex.cfd
1	googleads.g.doubleclick.net	1 redirects
1	www.facebook.com
1	c.bing.com	1 redirects
1	trc.taboola.com	khgf.hndmex.cfd
1	apps.mypurecloud.com	khgf.hndmex.cfd
1	www.googleadservices.com	khgf.hndmex.cfd
1	js-agent.newrelic.com	khgf.hndmex.cfd
1	script.hotjar.com	khgf.hndmex.cfd
1	wave.outbrain.com	khgf.hndmex.cfd
1	region1.analytics.google.com	www.googletagmanager.com
1	s.adroll.com	khgf.hndmex.cfd
1	amplify.outbrain.com	khgf.hndmex.cfd
1	cdn.taboola.com	khgf.hndmex.cfd
1	static.hotjar.com	khgf.hndmex.cfd
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	khgf.hndmex.cfd
112	35

This site contains links to these domains. Also see Links.

Domain
sacoronavirus.co.za
api.whatsapp.com
dkfadk.top
test.kingpricelife.co.za
www.munichre.com
www.newre.com
axaxl.com
www.swissre.com
www.facebook.com
www.instagram.com
www.linkedin.com
za.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
hndmex.cfd GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mypurecloud.ie Amazon RSA 2048 M01	`2023-08-20` - `2024-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-21` - `2024-04-20`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2024-04-13` - `2024-06-27`	2 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
mypurecloud.com Amazon RSA 2048 M03	`2023-08-19` - `2024-09-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2023-10-09` - `2024-11-07`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://khgf.hndmex.cfd/
Frame ID: 64ED52ACCE06AB01B5601B87FB8518CF
Requests: 112 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance | Car & Business insurance | King Price Insurance

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+/widgets/([\d.]+)
apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

98 %
HTTPS

56 %
IPv6

24
Domains

35
Subdomains

31
IPs

5
Countries

3787 kB
Transfer

7999 kB
Size

27
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://sacoronavirus.co.za/
Title: sacoronavirus.co.za

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=27860505050&text=Quote&app_absent=0
Title: Chat now via WhatsApp

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send/?phone=27860505050&text=Hi&app_absent=0

Search URL Search Domain Scan URL

URL: https://dkfadk.top/blog/community-insurance/
Title: Our community blog

Search URL Search Domain Scan URL

URL: https://test.kingpricelife.co.za/
Title: Get a quote

Search URL Search Domain Scan URL

URL: https://dkfadk.top/blog
Title: Our blog

Search URL Search Domain Scan URL

URL: https://www.munichre.com/en/company/about-munich-re/munich-re-worldwide/sub-saharan-africa/about-us.html
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.newre.com/en.html
Title: Learn more

Search URL Search Domain Scan URL

URL: https://axaxl.com/reinsurance
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.swissre.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KingPriceInsurance/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kingpriceins/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/2621399

Search URL Search Domain Scan URL

URL: https://za.pinterest.com/kingprice/

Search URL Search Domain Scan URL

URL: https://twitter.com/kingpriceins

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&RedC=c.clarity.ms&MXFR=3459EBC566E16BCB13E7FFA562E165EE HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&MUID=1737C40949A5668200E9D06948CE6745

Request Chain 90

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&eitems=ChAI8NrosAYQ_oGQm6ztt5VMEh0AycWmCCIEU8yqGrHHFmADh7PhnexTXONdTiHrMA&pscrd=IhMI5oP5k5C_hQMVQso7Ah0wJQ_GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8va2hnZi5obmRtZXguY2ZkLw HTTP 302
https://www.google.com/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5oP5k5C_hQMVQso7Ah0wJQ_GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8va2hnZi5obmRtZXguY2ZkLw&is_vtc=1&cid=CAQSGwB7FLtqclZNhqAsd7bOQ5fSgs0-0K5hZrXV4g&eitems=ChAI8NrosAYQ_oGQm6ztt5VMEh0AycWmCMhza2KJviR7WCXYrUYM6-fqgLM_icERug&random=4146373208 HTTP 302
https://www.google.de/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5oP5k5C_hQMVQso7Ah0wJQ_GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8va2hnZi5obmRtZXguY2ZkLw&is_vtc=1&cid=CAQSGwB7FLtqclZNhqAsd7bOQ5fSgs0-0K5hZrXV4g&eitems=ChAI8NrosAYQ_oGQm6ztt5VMEh0AycWmCMhza2KJviR7WCXYrUYM6-fqgLM_icERug&random=4146373208&ipr=y

112 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
khgf.hndmex.cfd/ 209 KB
46 KB 1834ms
1793ms Document
text/html 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40d88af2e088920665931b4d7d4c3574fb546e9b54bc03c6e6b075a71e598407

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 873b3e9c3c8904a3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 13 Apr 2024 11:51:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIaPZuPI8VcTd7Ummkjo1aRZU0Cp8JVxf3TljL6x4e93PX%2B70n1Dt5rIUig1nOYAe%2FQa%2BYslqGNh%2FH4BSgLWOk8cjId5rJxwqYZz3bfJEdU9O%2B5%2BKr1WWHbYWfUoebt1RPAOCj4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 43ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:120,200,300,400,500,600,700,800,900

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68cc211f2324cafaae3ea7d084cd1283172ef6064124d82747b2303eb0287a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 11:51:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 37ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1078
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1913763
cdn-cachedat: 03/18/2024 12:28:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5e4d53437a90cba0ca0545e9504ae32b
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 873b3ea9cf392be8-FRA
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
khgf.hndmex.cfd/Content/ 152 KB
26 KB 26ms
24ms Stylesheet
text/css 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Content/bootstrap.min.css
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99619
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tU%2BxX3B2bJNgFPrlxQtZlFrWof9cBp7G2aUPACeUdacnyBV8SHOxrS5Gy4A5LfQM8tlSOjAcyYXt4M4jWykvL3G67A0Sz5DInhZV01JD9%2BNn4eNIcD73WWwtYzQWovsFNwkj2X8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9a9cb04a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap-select.min.css
khgf.hndmex.cfd/Content/ 10 KB
3 KB 34ms
32ms Stylesheet
text/css 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Content/bootstrap-select.min.css
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d99902464ea5a053d3834285e12852d7f460a08ca2b9d2b87c6c3137990286e0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99617
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLbt0au9lML4m9K1p71S1H3GHeZ7sgdYtXgNAop5%2BRUxBumdT16gvo39KauLebhuPQBRd1WK%2FWImE%2F8togTHUKebAWd%2Br33d8G37iVoK2f8owt%2BhORJDb98SJnmAHpo%2FumX6A5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9a9ce04a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bundle.min.css
khgf.hndmex.cfd/Content/Stylesheets/ 307 KB
47 KB 26ms
25ms Stylesheet
text/css 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af1a3aa3ba66d1d09d72c8c3fbae0f031be43f8c78a4d0f0ec78035b1473f4c1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99615
etag: W/"022866abc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooCbn33X3lcKzmhxwfTcrecIRBXs%2FR15gpCw1cxgrKNov1S8FmZ8WNSxZ0Uda%2BojIGcx9bWQJZ3X6lnuMeVDQoThvVIyA9LEQzsVFQ7tZhNcwMpiMLPGJtP21GCfTM0KVVfBMZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9a9d004a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 cic-chat-kp.css
khgf.hndmex.cfd/Content/Stylesheets/ 6 KB
2 KB 22ms
21ms Stylesheet
text/css 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Content/Stylesheets/cic-chat-kp.css?250423-1249
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8cc21ef66bdee95ea71e084a5985d8bd2da50e9c75e5c3e1619baabbc921104

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99609
cf-polished: origSize=7899
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFHYviYdaVN4W1H58u7Gca5RDKsdcIc9VHEvg5Wi9fURww1p2ZTFBNHsSVnBP8reSWpvdPpP0JZN5rDBDq%2B0vNjVLI2E8Tua4w1wVi5oTisQ1qgZ8AKxdGLu8Lf8sLZ9H6bsYfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9ea0004a3-FRA

GET
H3 200 whatsapp-icon-24px-nugreen-latest.svg
khgf.hndmex.cfd/Content/Images/General/ 5 KB
2 KB 24ms
24ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/whatsapp-icon-24px-nugreen-latest.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2558e574edbdf92876a6a9708c9d30e131aa866c3993762165ffa8af71e557fb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99601
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SgVS6P7OHldxJypJFx58apYm9l3rmyJVzR3ZwUu%2F%2FCo4yC4kPr%2F01Ds6W%2BcLnEnGYLTaBv6og2ixavdie3GpfLdvnMtfku4ODYpzfAor6ZIbUcOuZQs52%2FDDWS6GU8ALB1LpWeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9ea0204a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
khgf.hndmex.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://khgf.hndmex.cfd/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcwcUSyAD5cKv5RVI0baaMKKwn5IeKmFzkdsyYLXFlOO3A2V7oMa4%2FjyGsLikQc%2BOzDm4P5%2FyiIdt1WcLyU9uAqX6f1JHNyytMXquxXdC72jh4ckc8lbxOZSSSamElrudgx%2Bc8p2VWWf8PZhl90%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 873b3ea9ea0404a3-FRA
expires: Mon, 15 Apr 2024 11:51:32 GMT

GET
H3 200 kp-logo-sticky-52x42px.svg
khgf.hndmex.cfd/Content/Images/General/ 6 KB
3 KB 26ms
26ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/kp-logo-sticky-52x42px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5399abdc417a715c898de965f42e478f35277b30ed00ea05fe6dcd3e71dfe1f2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298188
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TZTvOs8oCN2eG%2FJ%2FFWfZ9HoSsnmcQpkIHBFuYlV7k9d0W8sHnlKuTHDz8KqBEcHxaUR4Eokfsb4xTyzXCL0RZwxjsPxDEYQZ3sh7Y0wFdCVPiRKoB2z8B%2BL93eAG366%2BuwA3lvE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9ea0504a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kp-logo-desktop-237x99px.svg
khgf.hndmex.cfd/Content/Images/General/ 15 KB
6 KB 36ms
34ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/kp-logo-desktop-237x99px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a93775c58fff1978eb23b2f76fdd4704eae5c502ad86aaf6759afaa01f9aaf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298187
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHZAzGlmfqsMmfENHe1qbQqux99zNumpKyAb2OAx0MdfYOpRDL%2F7U3XGAn2dYu%2F52ARVuvbOPJAd6QGcO803OrRlUaq%2BJnPPxYUQv4oO75oqnAEbXRvWleGsENQI%2FZztfxQjW2k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9ea0804a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 kp-logo-mobile-52x41px.svg
khgf.hndmex.cfd/Content/Images/General/ 6 KB
3 KB 25ms
24ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/kp-logo-mobile-52x41px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 779db044e35779fb2ebfcf7ba658c37cad9407ec5b21574f5e46fdb4f87a7902

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99600
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lk18ZT313sp1YqCPln4Ci6BlRca1Oah7g5GG69PPX0cdFj4FKmNAdfh5941jpw28Vu1BF7zV9655edweJZA63ypNbUo6an3aOuAZz3UkBsMTjJJ2j21EZHFg9sm99Re6sYOQLIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ea9ea0904a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 nav-desktop-phone-34x34px.svg
khgf.hndmex.cfd/Content/Images/General/ 417 B
756 B 23ms
23ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/nav-desktop-phone-34x34px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44f3ac82b2b794abe6e7ad266f4a68aa41c11b461d5e04c0fbcf79e3c2e2f9cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122000
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0KYhH%2F5l60fmASGzMiSr8ghcUpA4%2FFG51qMcbpnW8qOxH86708BN6frj8GEVSw%2FoeYK9S5pYMaSZtqzvqw2GNZwAfHxhpRb2DwK7mCa5Npm8ArNu7I7fhBTwQJBlYQT7dPQ4Or4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eaa3a5704a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 nav-desktop-whatsapp-34x34px-nugreen.svg
khgf.hndmex.cfd/Content/Images/General/ 2 KB
1 KB 26ms
26ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/nav-desktop-whatsapp-34x34px-nugreen.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2438d87960cd92b0bfb0c474e6cd4ef0ac3901c586f25db294088e7498eff983

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 298181
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdBrmOeBwutWNb%2B0IW2Hpm0ZxZa3QCzJbP4hYDkaSKH01Ta6cD%2Fd9voG0qPWGOZ8mqCEljYDv5YzZOH1BAn0WFDBL9BTd9PgIDPt%2BoQQlruTiMbWXRaqQUf9cxxRgBqBMtzlY0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eaa3a5904a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:120,200,300,400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://khgf.hndmex.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 08 Apr 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 411448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Apr 2025 17:34:04 GMT

GET
H3 200 King-Price-Insurance-PDF-icon.png
khgf.hndmex.cfd/Content/Images/General/ 897 B
1 KB 26ms
26ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/King-Price-Insurance-PDF-icon.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437f8e5d0d66f0a6603891d7a5c59688e7b2a87fa16d3c8dbf9e2a9129b72151

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109627
cf-polished: origSize=1052
alt-svc: h3=":443"; ma=86400
content-length: 897
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pidzsL391CZwok%2B3Gzc%2BPDxLZmPcY%2FtoaJ4Rsc%2FygFT3%2FiElVTj%2FOxc742incS8aH2fpLtbIvc34xM2Gl6H576KMRgOrjau%2FNWG3HusrN%2FdfH%2BxhJ3ALwtsh0RaNXWwQ0QufjlU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab1b4204a3-FRA

GET
H3 200 King-Price-Insurance-PDF-Mobile-icon.png
khgf.hndmex.cfd/Content/Images/General/ 864 B
1 KB 23ms
23ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/King-Price-Insurance-PDF-Mobile-icon.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 064498b71b52947b6fc0d4f4a132ded9b2eff27ff8ad1f21a3b1eb608fa0a09d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 110753
cf-polished: origSize=1029
alt-svc: h3=":443"; ma=86400
content-length: 864
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrFqrKbaBKEA0%2BtLpr15tmsxaG4PBPeILgXTTr72mtZgMyDrqo4o6oFV5Z7fbeQJzR%2F0wUpAwkd09foEtwt1woSk7R0hvHGmtCvmd0hcTTnFrd923sBP7Ig6jQSh2aGj1emOJeA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab2b4504a3-FRA

GET
H3 200 nav-desktop-user-34x34px.svg
khgf.hndmex.cfd/Content/Images/General/ 650 B
838 B 23ms
23ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/nav-desktop-user-34x34px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b89039e8ad7a37d96c34a01b52469f83cff2c4c68fbd3cf814ae2d66901b5a0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 121998
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjTPgo0XWzaS3LeTNjpYlmtXQ1nqaHL5kHLL9U3Y4erpz7dO9nJAKI6p8f7USrmqvuqBnCnlaSKm1fezaitG%2FroR2%2FdnNr0ovx9HWQY3QA6djskLZvQtT6F%2Bun9HFxreWcrD6Wk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eab2b4b04a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 38ms
21ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://khgf.hndmex.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 752
cdn-cachedat: 10/31/2023 19:08:24
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: d92797c45b3e9d8ee46d5bc3009876b1
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 873b3eab5f8035f0-FRA
cdn-requestpullsuccess: True

GET
H3 200 king-price-simple-cheap-insurance-525x422.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 199 KB
199 KB 28ms
27ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/king-price-simple-cheap-insurance-525x422.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4907d0abb2360d9f412146c9458b76f62a017f730c8feab2cc2748c3d0bde8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95916
cf-polished: origSize=296357
alt-svc: h3=":443"; ma=86400
content-length: 203558
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbOqXCWfOwkLhaj0z99A9J0EZ2bQ0VAIxXavP3FH7hckjaTYARepR2mV7SC9SVa40%2B6hK5BKj%2FOllLt58vmr9en%2BpZxLnn8xuv6iaoWnuWLUofsNJAq9S%2Bp%2Bv4s8RMwfixFEr8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab5b6f04a3-FRA

GET
H3 200 king-price-refer-a-friend-110123-522px.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 85 KB
85 KB 45ms
44ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/king-price-refer-a-friend-110123-522px.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c6e7b494ac3fb6d92f38ab5d4f26ec9aa92d2b489bbc777d51bbdc2bde78ed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95916
cf-polished: origSize=120839, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 86787
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azY6k69erf4%2BnJcQupj4oRBhVr0iQOq7XhxEKIX1bV9kb36Uzd9O1kpB3ceYNnZpAr0%2FBagaOL6OAFeOoxUU5dmKWUpK%2Fkx9jRo0CuohAaIcNmLm8BN1sO9dTCz91MFAypDJsI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab5b7304a3-FRA

GET
H3 200 image-kp-makingadifference-header.png
khgf.hndmex.cfd/Content/Images/About/makingDifference/ 456 KB
457 KB 27ms
26ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/About/makingDifference/image-kp-makingadifference-header.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe7f6273a056579251c5d717bad714034d8d9ca190ddac93bb77760adfaf3a86

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95915
cf-polished: origSize=532162
alt-svc: h3=":443"; ma=86400
content-length: 467196
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cX4t2u%2FDW4jynZgif6FMKtmrtCKjHKJGYeNxD8589DiV9qJ5j8WlR7GLYZdW6FofEgoeXNhgLtIswMHMAdjUiXwBk%2BisG4iF2%2BO%2Fp9vOJP2byO6mBvS6ueepbDvQ%2Bdk%2BF78zusM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab5b7504a3-FRA

GET
H3 200 Business%20insurance%20660x530.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 201 KB
202 KB 77ms
76ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/Business%20insurance%20660x530.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7974c0248c18769d6873ec1bffec4dffe5d4f2c713bd63366a0b55b5e61f213e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 99431
cf-polished: origSize=224839
alt-svc: h3=":443"; ma=86400
content-length: 205960
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6EVob%2FB5f0Je0BenlMt2LM%2FqP8Cx4SQ7emvYnIqB4gF4Z9PEsjm5ys2hLRuVn8ylHq%2F4q1EBlCJYmvyUrPc%2FgSpqdhb3hsqXEXs%2BKrSSoiZyStOlsI43WjICIo5V7QWJ9x9WWIs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab5b7704a3-FRA

GET
H3 200 Community%20insurance%20660x530.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 316 KB
317 KB 85ms
84ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/Community%20insurance%20660x530.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0ff879d8ba666f11cb2795dff173ff7580ccc7a9650838dacd2511f2c28a3b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95915
cf-polished: origSize=339880
alt-svc: h3=":443"; ma=86400
content-length: 323855
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9XmeUJbxtJZJ%2FhYcI9cb82WdjBMGk6HjUEOBJbNFL2%2Bbel1Cv6ssEHxoEf6F0uvvCkl8KlzS5eDDl3Hn8PCfG2idRO9OYVSuULpnImC5oOjKko97qZWXHI%2Bnw%2BkjunNFnCclfM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab5b7904a3-FRA

GET
H3 200 Agri%20insurance%20660x530.png
khgf.hndmex.cfd/Content/Images/Agri/ 322 KB
322 KB 79ms
78ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Agri/Agri%20insurance%20660x530.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437c3044c01632c51ce00c421c0fad32ab9423954dcb446a33422f08b5b4de67

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122079
cf-polished: origSize=345872
alt-svc: h3=":443"; ma=86400
content-length: 329647
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIrUPJQvLRS%2B4NaSUDDvRvAxtDtHQuNRIklAjTznDl%2Bks481hGYv3x6Cb2ffzL3FlabnU3cG20vZPpYdBj%2BrRR1mMZV%2FYPf5RCqpoXQ5T8HqqhrmUr4M51CBFJAaUm7RoxShDxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9404a3-FRA

GET
H3 200 making-a-difference.png
khgf.hndmex.cfd/Content/Images/About/makingDifference/ 23 KB
23 KB 98ms
96ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/About/makingDifference/making-a-difference.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49f310a5db53f7edc77bee4abbda4ade7f7836a8085bbe44b38ad4433c2f357d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122077
cf-polished: origSize=24454
alt-svc: h3=":443"; ma=86400
content-length: 23068
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUS5PUdkcWB69LzdiEa7Iz2AcvwXJHN5M%2FUfEKrbyCwAYH4D3C4x%2Bh8Dz1DkPIXHUxB6M1VrbTJfzznkZYrbCuUqpoO8xjn6tlI1DVyKnZcCSlwAv9kdwkN3gXRpaYQivXjeTdM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9704a3-FRA

GET
H3 200 header-whatsapp.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 82 KB
82 KB 98ms
97ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/header-whatsapp.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c49c4169698d050b079aa7d410851d1220006c5d1709ca1a399062fa0b19a80b

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122075
cf-polished: origSize=122951
alt-svc: h3=":443"; ma=86400
content-length: 83809
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BgOIMktM%2F%2FIe3YdhU4MxAqabUD%2B48nmigpqpvYeDQmPCzKyvlQXBi0l81cbXvanNxQBbkti87VRD7fUpux%2BpTLq8NWiYOtCYjFkTorXxUOvHFcrRCMUAc4Sb8djToOwBADI7lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9804a3-FRA

GET
H3 200 Decreasing%20premiums.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 57 KB
57 KB 100ms
99ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/Decreasing%20premiums.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd14744a96f8838d6c8a07f2d73e06ea394030c3cd2396adfdd45ddb775b518

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122074
cf-polished: origSize=87075
alt-svc: h3=":443"; ma=86400
content-length: 57897
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be19wFtGPFczywN9NEcCnKvHr89vbFaOGY%2F2eJyyOeqQl0FGXY5bR96wGx4B3DCG9C9AKOJfTkZymteTQUAkWcAfZzaJ4s2kn4w%2FL0K2l9vxFKL0O88haP2B7Iy0u2GpgeVDf50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9904a3-FRA

GET
H3 200 No%20bogus_no%20claim%20bonus_image.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 14 KB
14 KB 107ms
106ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/No%20bogus_no%20claim%20bonus_image.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98a000070b5b7b6841b8cdbc44bb89fe5a20a553e1a8685abca51c8732f961e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122072
cf-polished: origSize=20368
alt-svc: h3=":443"; ma=86400
content-length: 14230
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UEudVdA%2BMHjM%2Fa8YK%2BkHSUBgdBj%2BQ%2FXJxQ7kvTSclLJEg%2BIh2n1gGpcPa6%2BBrAewpf%2BVqSEa6%2FZhiksa4HNob6Avn8hDOifNxHO4vS%2BI%2FGco5oeiVW4l4QaWOp645Bn%2BZ0swIu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9a04a3-FRA

GET
H3 200 The%20million%20rand%20question_image.png
khgf.hndmex.cfd/Content/Images/Home/slider/ 26 KB
27 KB 108ms
107ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/slider/The%20million%20rand%20question_image.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d04be1f575b406870c73e4f074bcaa406d712e489a3ac94563ad5bce94df485

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 122070
cf-polished: origSize=41750
alt-svc: h3=":443"; ma=86400
content-length: 26778
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1yLS3hL%2BQCS%2BTNJUOdnoKsWR1PJ4%2BIQf4NTnTmbmEFnn2hWCZMC1WLRAbSFWNt9tkoOoOJRWd8IX2JI8mNTMSuNnKOimyrvpPaHRc%2Fi1kz2RPMYNAHZrUYrxc7hIE%2F7TEtHvjo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab7b9b04a3-FRA

GET
H3 200 productsSprite.png
khgf.hndmex.cfd/Content/Images/Home/products/ 27 KB
27 KB 99ms
98ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/products/productsSprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cb2bf2ac7ee26c2b6741133e5ef5b6b03796261c600ecb2827b20f7a6ea7232

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121995
cf-polished: origSize=46129
alt-svc: h3=":443"; ma=86400
content-length: 27445
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6wSqCM%2BFa%2BcWbNP2KbYGG7phucgEKlrPEgY%2F8EKeQGbqB%2B%2Fph81uIWqIe5VKN4IyNsji16mhHXJ444eztltN99ota2%2B21pxtHK6D5iwC4SDNGWXEYLv4K8LAe3xeIfR8rnIOWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab8ba904a3-FRA

GET
H3 200 personalHomeSprite.png
khgf.hndmex.cfd/Content/Images/Personal/products/ 9 KB
10 KB 99ms
99ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Personal/products/personalHomeSprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0fba894b5a25561184150e8711c3cec91130730c2dd53cf01b3fc9c4d4edb70

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121980
cf-polished: origSize=16131
alt-svc: h3=":443"; ma=86400
content-length: 9277
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2FEYL81S%2BB5P23JdRUgnqAUZbIx5ll8xz%2FNb1%2FZdpQTPFx4LO8wjnKAuEv3Yx9YDbCX1nqChtqKXgG6cu7SVWQY9jrF5Fhh19UdSLSLJERO0kQAK52Svy8Uvs3RGLlUZIKfFkb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eab8bad04a3-FRA

GET
H3 200 whatsapp-footer-block-444px.svg
khgf.hndmex.cfd/Content/Images/Components/WhatsAppFooterBlock/ 21 KB
5 KB 22ms
22ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Components/WhatsAppFooterBlock/whatsapp-footer-block-444px.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a980baf0c9d8a25dc294bb6f547e8fa9267f7e4c2a9c6490735e2a2e344f2b22

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122070
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O3zT7hidEt%2Fht3r%2BOsDtLeMtk0ohT%2Fftk5QEGtm2R%2FbzhDjPl%2FBpfvjGHoW0RiZ1f1J54NN1WuXHL4uZI2YedrBkmEWuMkkOdJBke4CxXZjPnTDZzze%2FamhHoQvlbVzG4oXpUPo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eac3c6304a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Testimonial-style.css
khgf.hndmex.cfd/Content/Stylesheets/ 996 B
808 B 28ms
27ms Stylesheet
text/css 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Content/Stylesheets/Testimonial-style.css
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec85663bf99a89998e2464e5ff3615c84bbddf6cbcad8b04097d4b7a5cda4ca

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 298185
cf-polished: origSize=1381
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: minify
server: cloudflare
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XfaeA6honhSVCcsbpKjD7eZCXVhmzD3Jmb0%2B8zffwTToUXjSmyJdN760GjIVepT1sZ5MdSiR9t993Q%2FlMM0Y1OY4iciF1VVKhSJWQHQsK9CX0MI4AA5HTrqlQMGtfvYkwtceaC0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eac4c7a04a3-FRA

GET
H3 200 group-18.png
khgf.hndmex.cfd/Content/Images/Home/testimonials/ 3 KB
3 KB 35ms
35ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/testimonials/group-18.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf1a6e4b903b934e9f4b71d48632cbf229aa577d16027111e5ec7d1d3749eb2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109978
cf-polished: origSize=8084
alt-svc: h3=":443"; ma=86400
content-length: 2885
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FlSAjUvje1ZWxbEllgELYLbwVytRDNjBViiUSRN0XTbDT3bFuQUGw4i%2F0bk41oQkMceYset1lXKoNFNOdPKzk2Numon242whBRXZpoF%2F7rVsS4rZ3mIdN%2FC0kjnXJFt3wTYLkRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eac4c7d04a3-FRA

GET
H3 200 awardsSprite.png
khgf.hndmex.cfd/Content/Images/Home/awards/ 49 KB
50 KB 31ms
30ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/awards/awardsSprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e2125e121c1fdf9f6f9728e9ea64caf21e492843c63c85fb6d5fc70673a46c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121994
cf-polished: origSize=71361
alt-svc: h3=":443"; ma=86400
content-length: 50393
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TReJec1VVpzPeO9fuVxZY8a%2BKW7TJqXiBPQQvJqFxzknSKaJshdzDGabIi3YHs%2F6r3%2BdEPZfTJs9ZEotCTEbm5UWCg3pEuRhEHsTWTxJKCwCG45c6GGigA5pJE8ayGuNfCsINnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eac9ce304a3-FRA

GET
H3 200 benifitsSprite.png
khgf.hndmex.cfd/Content/Images/Home/benifits/ 8 KB
8 KB 29ms
28ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/benifits/benifitsSprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a26bb46d0e0b9108e66a844bb4b2207c4c2829b37362d99866725bb3127e9a7c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121992
cf-polished: origSize=9982
alt-svc: h3=":443"; ma=86400
content-length: 8089
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRTRRRS8L7KFs6J6k60KX2EUtdULT5485N8ZAw7Za5yrUgDKo87d%2FJWgxkXWz17j1thnxpR2sRNCjOyuQZAdZvRyW7QMIwEnJAMGw5bLukGUVJL8SBEZvHX8o0b29lmNm3B54fE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eac9ce504a3-FRA

GET
H3 200 testimonialSprite.png
khgf.hndmex.cfd/Content/Images/Home/testimonials/ 17 KB
18 KB 29ms
29ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/testimonials/testimonialSprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada2627af0ab913ca2870953c2da9dcddb617a2296765946875b9bae8ec1fbc7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121929
cf-polished: origSize=18719
alt-svc: h3=":443"; ma=86400
content-length: 17839
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4v0zIEiZ9x9K%2BWMZQBpCGR9ySjUbdic%2BBr9GzPCqr7W%2BgmIeNKcRd3VvFxl%2BMOlu8q511416ptznO2pCqHsRsGClbEqBdxeRgjd5VDnFAeqlOr1SEA04eF9ug5YiP7LahE%2B03ag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eac9ce804a3-FRA

GET
H3 200 reinsurancesprite.png
khgf.hndmex.cfd/Content/Images/Home/products/ 11 KB
11 KB 31ms
31ms Image
image/png 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/Home/products/reinsurancesprite.png
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 687815ed8f0732fa7a1e4c4560f148f6933f8c643856f70ecc26bcc459ccb5f1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/Content/Stylesheets/bundle.min.css?version-181223
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 121930
cf-polished: origSize=17160
alt-svc: h3=":443"; ma=86400
content-length: 10918
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "0bdb84cbc86da1:0"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GeQdA9HLTZM7T3z0raSjIT9GEvJGSGkOHqrxuc6Rt1qPqRmB0%2Bd8tN0hijMSI7%2Fihs4Biy%2B1iOaDOekPLamFgSG0eUtRfKfOwQRz7UoLXqG7Yf2xGCiF7v2aCIRVknN4s3Jw3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 873b3eac9ce904a3-FRA

GET
H3 200 king-price-footer-logo-080622.svg
khgf.hndmex.cfd/Content/Images/General/ 15 KB
6 KB 28ms
28ms Image
image/svg+xml 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://khgf.hndmex.cfd/Content/Images/General/king-price-footer-logo-080622.svg
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ce2bf8791b33dc739f0aacfc913b41cd6b14d44772f9ae04112a0586b821464

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 122020
etag: W/"0bdb84cbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dHt8SvcJeMvlJpZHsDVn9e3LQkhEKWDq3oMOQ36leDkpeB0BgUy%2B8Ri4%2FFHd66Cpt61BBJMh6M7TF3qbtHInLICJGkNdtt4NmSiH1lpAu%2FWtJjiMWga1RL9XUlYami5BwthDr5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eacacf704a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 rocket-loader.min.js Show response
khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 10ms
10ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Apr 2024 17:26:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6610342c-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0BfiOpGeqviZsj8V3A2ZV6djOoCWqmw6dg1OzxHqLNQNafmno4xt2KEKZo1vyhdO%2BZXVroJDebP0asQLbOP%2F%2B5kWt6L%2FdQULy4etyIWIjZt%2F%2FPKOB%2FZ9ipMJSveFwf6%2B1l4IoVrl8sZmBwjDmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 873b3eacbd0004a3-FRA
expires: Mon, 15 Apr 2024 11:51:32 GMT

GET
H2 200 cxbus.min.js Show response
apps.mypurecloud.ie/widgets/9.0/ 20 KB
7 KB 126ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/cxbus.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: gzip
x-amz-version-id: jIN8WbQjTIwH2XRtVOmPuY64z93rhue2
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: VDDSBDWFQE3R3DGV
etag: "15e290c6392b7f9f12f9d72ed3a6506a"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 6977
x-amz-id-2: PQZPUTT5K9WcNeN/0HC0R0JfGNDoXLskvYJv0e2MBI/RRMNm4rxlIJNs6CPYlUQQYhadsjHQeQg=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 349 KB
113 KB 72ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002689869

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4865103d9e2a12663d2c28b4663193cffc1e83c6b70a416b7bd07c6a971a0a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115412
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H3 200 bundle.min.js Show response
khgf.hndmex.cfd/Scripts/Shared/ 3 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Scripts/Shared/bundle.min.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13fdcefd13e383de5b9869237a011799f42054f446c7cb0a4fd921e0b4f05b2a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99611
etag: W/"04fb76bbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3DDUHY87P%2FwX5Hov%2FODkr7iUGEkIR%2B%2Bzl8iZOVZ8rtL9MRK4KrONUkD9YcL4MsGYFgZE3LPxxmTPcPai8BqcJhWAiL1zYttv%2FgiD5utSLf0QmOK%2F%2FBABnNobfC5KIInewKqcYPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eacdd2d04a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap-select.min.js Show response
khgf.hndmex.cfd/Scripts/ 50 KB
16 KB 27ms
26ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Scripts/bootstrap-select.min.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c33068e9076a8d5385f0ff6bdeeb87a7c2112641c221775c9304ba2282eb4d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99611
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=86ursidFWZcSl38%2FLKvHM7fzC5Z6vTiF0QK5P5kr58F6xDeBY%2BtRpHsLDiWKcFQDcWTlwgsmK2L7d%2B12Ps7eQjca4A1ZA9oELJjshI%2FPm03WGGCcpEuV79lxXIt1UlhReEvOwJw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eacdd2f04a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.bundle.min.js Show response
khgf.hndmex.cfd/Scripts/ 77 KB
24 KB 23ms
22ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Scripts/bootstrap.bundle.min.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99613
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qqb9oapHJVPMCNhG7c0SReHFSfgA9TiXpgkq350crXOhMnccSlzV6s40UYnP5N31P9UVXvcx3YKCHpf4QZQkDayeNqqyJOmxQGpnZ65VqJCAlyautTHG%2BW1kelW5oB4UZjD4mzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eacdd3004a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-3.4.1.min.js Show response
khgf.hndmex.cfd/Scripts/ 86 KB
33 KB 25ms
23ms Script
application/javascript 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/Scripts/jquery-3.4.1.min.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 99620
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zA47sy56uh%2F3uXZFkJNgkwXCDQUG4uzvncBvnZ%2FiMZuR5PzZhfqGM5uPtJ67wZ8VauF%2Bwn5QksU8PIP%2Bcjt0SBbH9ycoYFwTuD8dSN8yw3cj8IlKjYals8lNLTv10qM32pD4XyY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3eacdd3104a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
khgf.hndmex.cfd/ 1 KB
1 KB 495ms
493ms Other
image/x-icon 2606:4700:3037::6815:4e70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://khgf.hndmex.cfd/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da68ddf674a41b4f7417824058bb1a54b03a67d211f9681d47d782689135074e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Apr 2024 18:17:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0eae94dbc86da1:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLme2G9tSzwP9reNNwCuT0XUBedqIK%2BxVpe41Eb3u1nkhcDmWpPPdtaHdwV9Zp6ey2CAKsbsat%2B6OGM5zEnVPpWGsS9wIsbw1j003R0%2B%2BeG5EHYvzla5pRFHSodL5p1zaAiQFuY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 873b3ead1d6404a3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 359 KB
112 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-JHVP

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9150d6c5c9bfe349688d3c209b2be0b3170b3fc349061aba7c7e299ae63ec06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114821
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 349 KB
113 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RF1R3QHMJT&l=dataLayer&cx=c

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

878d14b656d2fc7ae72c1d7fe451a279e1d2dc28b114a5131cda9e114ee89109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115491
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 45ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 11:51:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2787, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 9icHQmgsGboEy3x3xjEyVNa4su0v1q8t1zTFz/jKiRaTZXs0AhuS1Q8eXBaOF7U0bi85Tz1j3hKP+sj9k3P/gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 214 KB
78 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-991406311&l=dataLayer&cx=c

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5650fc7aee0dd9510d47a6bde6829561a86e72dd2f7c4fb17127c3003b98892a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79532
x-xss-protection: 0
last-modified: Sat, 13 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 57ms
10ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 13 Apr 2024 11:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 770
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 13 Apr 2024 13:38:42 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 349 KB
113 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1002689869&l=dataLayer&cx=c

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9872ad0ae5765ed264c3f17b4e7892985303a5863f4840cc28aa2cd502725a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 11:51:32 GMT

GET
H2 200 hotjar-572361.js Show response
static.hotjar.com/c/ 9 KB
4 KB 81ms
39ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-572361.js?sv=7

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

ce43743c865728e2eff98694a167901ec7234befad61e87a4b333d38deeb1d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4a502b22092e94faddf9a5b056e273ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/e8bc3950f7a9beb74b2d5c2805776cf9
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: GrGVnHTrl2IGJKSXPOBf58IzI5kHb1T_14U1ZSdC-3Pdgjw7bJoTtw==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1455175/ 69 KB
21 KB 158ms
110ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1455175/tfa.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb54ab4765979682b63eb94e4b74429411b70986f138c4c97d9ea57f37019474

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: s1vrMBBYR3Zu.a29.L.16YuucyHQiMd2
content-encoding: gzip
via: 1.1 varnish
date: Sat, 13 Apr 2024 11:51:32 GMT
x-amz-request-id: 41FAPK9HX2Y5ZVE6
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21519
x-amz-id-2: JMMwepq79igTahJW3kL3X3DgHEndaNIWdBf3TkgBA/HLF3jRDz/0zwGV/P7DfGiSrOisTJxusq8=
x-served-by: cache-fra-eddf8230070-FRA
last-modified: Sun, 07 Apr 2024 11:36:53 GMT
server: AmazonS3
x-timer: S1713009093.817709,VS0,VE104
etag: "012fe4df62ef7f2038e4c4ef6c74a393"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 64
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 70ms
30ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 13 Apr 2024 11:51:32 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B322EBF9438419FB05F8847D9EF563B Ref B: FRAEDGE1118 Ref C: 2024-04-13T11:51:32Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 27 KB
8 KB 74ms
19ms Script
application/x-javascript 2.21.17.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.17.117 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-17-117.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 11:51:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Mar 2024 10:17:18 GMT
Server: AkamaiNetStorage
ETag: "b8a546f55dab30983fc9bd403c53bc91:1710757218.439864"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8262
Expires: Sat, 13 Apr 2024 12:11:32 GMT

GET
H2 200 fk7sk1yj5u Show response
www.clarity.ms/tag/ 1 KB
1 KB 222ms
104ms Script
application/x-javascript 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fk7sk1yj5u
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: a0e213a670d254203c1f7f978a4af01914d70c503348f9edf4fce92d80ff4245

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Sat, 13 Apr 2024 11:51:32 GMT
x-azure-ref: 20240413T115132Z-17d488f697fvrwvluvtwfh7wx400000000a000000000h15x
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1034
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 441ms
103ms Script
application/javascript 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC1JGARC77U9QPBO8REG&lib=ttq
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 63fef8ddd2519bef8a4b07e7207888c9342e5d5a77990cf9d260f9d37ca5c2d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6c43f92
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24041311513388A0CF83E7D97518D7CF-0F95D0BEE229A356-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=12
content-length: 2094
pragma: no-cache
server: nginx
x-tt-logid: 2024041311513388A0CF83E7D97518D7CF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 12,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667ccd8a0cecfae282faec02b8e72643deba49674a4fc04a30fcb907ea1631399784b14cb5f630669c8a9f1bdd85e07ea84ad7c368c00d2473a06075948b6428bad42
expires: Sat, 13 Apr 2024 11:51:33 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 438ms
102ms Script
application/javascript 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C442A6S787TERR1005M0&lib=ttq
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5641c4ebc54ce9594d64add67399fd6142a079fc34d7fe2d23722757c4c81036

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6c43f93
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240413115133F4FA21FB9DAD7A171CDB-4C104C64E65C1101-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=10
content-length: 1547
pragma: no-cache
server: nginx
x-tt-logid: 20240413115133F4FA21FB9DAD7A171CDB
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667cccb94c24d084fc1f6639506df4f3d1bbaa0d8e1a7f6e168a4864e1fda39bf66225f95628ae460b22aa88ee7861c3d7ae5f547361f75afc5bb0229125e57265cf4
expires: Sat, 13 Apr 2024 11:51:33 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/5IY5ZC4HGREFRPMQHG4R3V/ 102 KB
30 KB 696ms
639ms Script
text/javascript 2600:9000:2644:c000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/5IY5ZC4HGREFRPMQHG4R3V/roundtrip.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:c000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5859a6cc1e19c155a1ea2140c37cb02b897ab57ee7dabe75567fa8fbb63425c5

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Amz-Version-Id: WDJ2mc3n_ryJu8SakbkabCmEmR6WsGTv
Content-Encoding: gzip
Via: 1.1 104bdf965b5b1cb596af463b142160de.cloudfront.net (CloudFront)
Date: Sat, 13 Apr 2024 11:51:34 GMT
X-Amz-Cf-Pop: FRA60-P6
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 12 Apr 2024 11:54:11 GMT
Server: AmazonS3
Etag: W/"579e009ef6df93aa2dfafe541cd0b347"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: pOJ1hxpIetCdH9NPF3f-G2giWe4WS0593yxxZyC73UY7qf47giRG9w==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 349 KB
113 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1002689869&l=dataLayer&cx=c

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fff527372eaee0c63ed28c0c03ca0223216aa0e16dd8219664d04ca0bef8a0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 115556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 11:51:32 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 49ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-RF1R3QHMJT&gtm=45be44a0v869331089z8552965za200&_p=1713009092661&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2038011993.1713009093&ecid=1745382014&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&ec_mode=m&_s=1&sid=1713009092&sct=1&seg=0&dl=https%3A%2F%2Fkhgf.hndmex.cfd%2F&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=1713010018998_17130093976381&tfd=2964
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002689869
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khgf.hndmex.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 67ms
18ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RF1R3QHMJT&cid=2038011993.1713009093&gtm=45be44a0v869331089z8552965za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1002689869
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khgf.hndmex.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 58ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RF1R3QHMJT&cid=2038011993.1713009093&gtm=45be44a0v869331089z8552965za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1959041483

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widgets-core.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 374 KB
113 KB 29ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/widgets-core.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9a5cbc61e0e265b634de6ccd138fd0e8995af5c094dca339c3dd386ccffd9c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:32 GMT
content-encoding: gzip
x-amz-version-id: w.SmqSBMpH5YNE1h92kPVV2uefzqlWaO
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: VDDTG434FNGVYCQT
etag: "e966c09ffb153a962376b75e326444f3"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 115577
x-amz-id-2: UNjN65iynpct13POj+yeF2gA29GGtwyqdcZePvRyLWt3+zA8oSWziWwo00DWeCrLwiw57df/um0=

GET
H2 204 5625517.js Show response
bat.bing.com/p/action/ 0
117 B 30ms
30ms Script
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5625517.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 13 Apr 2024 11:51:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D85FC20B358C49EE92CEA4EC844D7EC7 Ref B: FRAEDGE1118 Ref C: 2024-04-13T11:51:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
284 B 34ms
34ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5625517&Ver=2&mid=5d9ac947-68b5-4cff-a29f-262ae1a5e4b9&sid=2c528790f98c11eebcf36716af4dfcb5&vid=2c529b50f98c11eeb9e4ef486686208c&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&p=https%3A%2F%2Fkhgf.hndmex.cfd%2F&r=&lt=2726&evt=pageLoad&sv=1&rn=744948

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 Apr 2024 11:51:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FCF1896381774C219121E7D68D88192B Ref B: FRAEDGE1118 Ref C: 2024-04-13T11:51:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
221 B 16ms
14ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1441281971&t=pageview&_s=1&dl=https%3A%2F%2Fkhgf.hndmex.cfd%2F&ul=de-de&de=UTF-8&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=504505808&gjid=1220469387&cid=2038011993.1713009093&tid=UA-28810012-1&_gid=1570132618.1713009093&_slc=1&gtm=45He44a0n51JHVPv552965za200&cd1=1713010018998_17130093976381&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=615619316

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

35577fb7083810ea17b377716f987463e17fe79c3415f0741eb6da96b1548941

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khgf.hndmex.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-28810012-1&cid=2038011993.1713009093&jid=504505808&gjid=1220469387&_gid=1570132618.1713009093&npa=1&_u=YCDAgEABAAAAAGAAI~&z=1983650624

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 13 Apr 2024 11:51:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://khgf.hndmex.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
321 B 358ms
88ms Ping
image/gif 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07518104028620014&referrer=&cht=gtm&marketerId=009f4275752ea1d9d50c160511b8f7b661&name=PAGE_VIEW&dl=https%3A%2F%2Fkhgf.hndmex.cfd%2F&g=1&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 11:51:33 GMT
Cache-Control: no-cache
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 1e4d525fb52092f38ae4209966f4b1c8
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 356ms
87ms Script
application/javascript 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=009f4275752ea1d9d50c160511b8f7b661

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: 92f5af86fa130c439e4a1bbc4001dd75
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 009f4275752ea1d9d50c160511b8f7b661 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
515 B 193ms
36ms Script
text/html 2.21.17.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/009f4275752ea1d9d50c160511b8f7b661

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.21.17.117 Brussels, Belgium, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-17-117.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Sat, 13 Apr 2024 11:51:33 GMT
ob-sent-time: 1712958831545
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: a37990cf6a45fe81f53438b575eff9b
Content-Length: 22
Expires: Sat, 13 Apr 2024 11:52:33 GMT

GET
H2 200 modules.429236d560f51d186b8b.js Show response
script.hotjar.com/ 221 KB
55 KB 166ms
8ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.429236d560f51d186b8b.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 05 Apr 2024 10:18:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 696807
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55714
last-modified: Fri, 05 Apr 2024 10:17:11 GMT
etag: "f153d7cc62fba42a4a256996815cbb73"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: CCCRsfn-_1-KpfIxn81HR74VEeFWkIWxzOio89I93E6PLQImApzraQ==

GET
H2 200 nr-spa-1.256.0.min.js Show response
js-agent.newrelic.com/ 106 KB
34 KB 160ms
6ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.256.0.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ff8f659a28951861c16878f44c5b90bd0e89c7a937c9fb3cdc69e11c8f8c60bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Origin: https://khgf.hndmex.cfd
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: GNq7Kze0HGpduJXIUd6ylWk9WAxDBEPg
content-encoding: br
via: 1.1 varnish
date: Sat, 13 Apr 2024 11:51:33 GMT
strict-transport-security: max-age=300
x-amz-request-id: 02YD5WGGQVXSF868
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 34424
x-amz-id-2: 4CJGxOZ70PQRQlTOI+noVxF9wBB2DSREahBRPF8bMC1urficbhcIGM9E5f6X3HBhBm3ITUGuheI=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Thu, 11 Apr 2024 22:52:01 GMT
server: AmazonS3
etag: "df2067def276a9b8c4080a405bfab46e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 115120

GET
H2 200 1526582507670240 Show response
connect.facebook.net/signals/config/ 69 KB
16 KB 141ms
141ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1526582507670240?v=2.9.153&r=stable&domain=khgf.hndmex.cfd&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cad062d76a860d60b4d5cc3666b03d2038f9581d23cbdfd129cad0371045507d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 13 Apr 2024 11:51:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=64, mss=1326, tbw=63153, tp=-1, tpl=-1, uplat=134, ullat=0
pragma: public
x-fb-debug: en+sVAL2+OUIz0hPYPPFYhSXceeC4ayW4I1IW2BFPp0s0O4D/BYXcfpGwrtrleUJ8Af+KWV0KxyM/MnEIlirnA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/991406311/ 3 KB
2 KB 151ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/991406311/?random=1713009093001&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&rfmt=3&fmt=4

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3f4218548e72590bf64866caed3cf7d16fef14a9c35e493d0d8b2c8a55a1efbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1626
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webchat.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 126 KB
34 KB 28ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/webchat.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

039ca3e530e0a389bada8336d5be359f2a2f6c2d416ca912049ed162a5740fbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: sKm8wrTlOVMgq2ZDqSOUk7IAiEC50N34
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 6HW0ZF9NHF3HJFDA
etag: "1fbf95f02d8875693800ef50cd15d64b"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 34030
x-amz-id-2: ieJzZ0D+v4rHzjttAiqRJTTn0+Zr3K5rYEBgCj2QXZJq2tYQAOpwciet5iaZz5Jddk5z8u5/v10=

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 353 KB
115 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RF1R3QHMJT&cx=c&_slc=1

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

490578a33c200375dd39516a2e5af81ba943bb56b8fc1140d96bec9e4f929dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 117297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 13 Apr 2024 11:51:33 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 109ms
31ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28810012-1&cid=2038011993.1713009093&jid=504505808&npa=1&_u=YCDAgEABAAAAAGAAI~&z=2000824211

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-28810012-1&cid=2038011993.1713009093&jid=504505808&npa=1&_u=YCDAgEABAAAAAGAAI~&z=2000824211

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 roboto.css
apps.mypurecloud.com/webfonts/ 4 KB
702 B 313ms
96ms Stylesheet
text/css 18.206.17.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/webfonts/roboto.css

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.206.17.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-206-17-46.compute-1.amazonaws.com

Software

nginx /

Resource Hash

3b7019f0c310bb3b78c1595f2bc96bad82d45b27c4eb14678fa4bd939b4192e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: riOx.2eTO2JnQVG.FcCPmzVfN9nopHWZ
last-modified: Thu, 14 Dec 2023 08:21:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: 8GVPNCBHZ6R7JZH0
etag: "98824ca6634181284fa891ff5ff859e9"
content-type: text/css
cache-control: max-age=0, no-cache
content-length: 325
x-amz-id-2: VzSA5L/BaQ0bdTt+OHpJjinXrVf3cFPmmrQfZmPbfyKVkZCQjnkvI2YbRTQjVW3Lwad6xX9A2OU=

GET
H2 200 json Show response
trc.taboola.com/1455175/trc/3/ 2 KB
2 KB 31ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1455175/trc/3/json?tim=1713009093071&data=%7B%22id%22%3A448%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1713009093063%2C%22cv%22%3A%2220240407-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fdkfadk.top%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dcarinsurance-kingpricewl-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1713009093070%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fkhgf.hndmex.cfd%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ccfc7c93001f242d1921994310fc562409c60fbb8f848f14ab8e53e0ac4e8a12

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 18
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1845
x-fastly-to-nlb-rtt: 7396
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230070-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1713009093.135253,VS0,VE18
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.27/ 60 KB
25 KB 27ms
23ms Script
application/javascript 2620:1ec:46::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.27/clarity.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: br
last-modified: Tue, 02 Apr 2024 23:38:07 GMT
etag: W/"0x8DC536DF2EAB768"
vary: Accept-Encoding
x-azure-ref: 20240413T115133Z-17d488f697fvrwvluvtwfh7wx400000000a000000000h169
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: c278336b-a01e-003d-4958-8d58c0000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&RedC=c.clarity.ms&MXFR=3459EBC566E16BCB13E7FFA562E165EE
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&MUID=1737C40949A5668200E9D06948CE6745

42 B
441 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&MUID=1737C40949A5668200E9D06948CE6745
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://khgf.hndmex.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76CF706928E347F282F210E3FC5C45CE Ref B: FRAEDGE1118 Ref C: 2024-04-13T11:51:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=57A382167FB64DCB9C0E578B9854DC7E&MUID=1737C40949A5668200E9D06948CE6745
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 richmediabridge.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 78 KB
22 KB 29ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/richmediabridge.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0f3d1130cfa466bf31cd046bb8629d82a089a5ca75949209bf0d2bee11becd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: cSvPrmC9PzKBfpstG4argKV7S03LZ8wd
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: CA0XYMAJ1VF29RQ3
etag: "5a3b69df897ae64c9edaf75e72965b45"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 22399
x-amz-id-2: S04GKw+POe/wIGO9WDiuFzUpOJAyPWtbtP6eu1fuliUiYzzbI8Td+KkLaqq+EbYlOZMvLeHad7o=

GET
H2 200 webchatservice.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 712 B
1 KB 192ms
191ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/webchatservice.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

21de18797facdc876c8da8198a867f74a637e0c3cb3bd7f7251bfd9aa5f011bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
x-amz-version-id: fyEx9SXr0AZLA2hyYj9z3sVPdxgREqF1
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
x-amz-request-id: DFFVQY79Z6DACXF4
etag: "3021b1156b50afafec448f39aa1d85d5"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 712
x-amz-id-2: mp5GWtlLtc8PezEW9MpyNeuWmLAO4Gag/FxBbKMJzzS0Vv1V369AUmEFHR8GVLz5Gz+9LFiXpfw=

GET
H2 200 toaster.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 3 KB
2 KB 28ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/toaster.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

62eaa181b63a9656e091a2cf6f70093ccc7252748cdd1ab4d1ae98a809f8c1c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: Iz2xWSbqiJ_SJ2GvhmhW_fhZKN4OG1Q9
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: VJEDGRRV1SV2M8Y7
etag: "cbbc27240b0bc25a8a602260ce5b4c23"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 1330
x-amz-id-2: E2tkuteo2aZ02os97EdTMyHRsoTJUzuD8gfKbPZYPbk2V59XsNaGPynqAylUiPDL66JuNNyBjQY=

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1441281971&t=event&ni=1&_s=2&dl=https%3A%2F%2Fkhgf.hndmex.cfd%2F&ul=de-de&de=UTF-8&dt=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=qyhx91&_u=aDDAgEABAAAAAGAAI~&jid=&gjid=&cid=2038011993.1713009093&tid=UA-28810012-1&_gid=1570132618.1713009093&gtm=45He44a0n51JHVPv552965za200&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Ffk7sk1yj5u%2Faeei8t%2Fqyhx91&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=822519247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 01:18:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37986
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1526582507670240&ev=PageView&dl=https%3A%2F%2Fkhgf.hndmex.cfd&rl=&if=false&ts=1713009093207&sw=1600&sh=1200&ud[ph]=670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf&v=2.9.153&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4156&fbp=fb.1.1713009093205.26231321&cs_est=true&pm=1&hrl=d26cb6&ler=empty&cdl=API_unavailable&it=1713009092981&coo=false&eid=1713010018998_17130093976381&tm=1&cs_cc=1&cas=7389755094449013%2C7405934282816485%2C8803053256402489%2C5699890850051077%2C7333866956727197%2C4653593681378446&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2757, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 13 Apr 2024 11:51:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3

200

/
www.google.de/pagead/1p-conversion/991406311/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
64 B

23ms
23ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5oP5k5C_hQMVQso7Ah0wJQ_GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8va2hnZi5obmRtZXguY2ZkLw&is_vtc=1&cid=CAQSGwB7FLtqclZNhqAsd7bOQ5fSgs0-0K5hZrXV4g&eitems=ChAI8NrosAYQ_oGQm6ztt5VMEh0AycWmCMhza2KJviR7WCXYrUYM6-fqgLM_icERug&random=4146373208&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://khgf.hndmex.cfd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Apr 2024 11:51:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/991406311/?random=2086624888&cv=11&fst=1713009093001&bg=ffffff&guid=ON&async=1&gtm=45be44a0z8552965za201&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fkhgf.hndmex.cfd%2F&label=J72qCP-D3YUBEOfR3tgD&hn=www.googleadservices.com&frm=0&tiba=Insurance%20%7C%20Car%20%26%20Business%20insurance%20%7C%20King%20Price%20Insurance&value=0&npa=1&pscdl=noapi&auid=488979216.1713009093&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.122%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.122&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&fmt=3&ct_cookie_present=false&sscte=1&crd=COG9sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI5oP5k5C_hQMVQso7Ah0wJQ_GMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8va2hnZi5obmRtZXguY2ZkLw&is_vtc=1&cid=CAQSGwB7FLtqclZNhqAsd7bOQ5fSgs0-0K5hZrXV4g&eitems=ChAI8NrosAYQ_oGQm6ztt5VMEh0AycWmCMhza2KJviR7WCXYrUYM6-fqgLM_icERug&random=4146373208&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK NRJS-8ff5632b9fea0cdb796 Show response
bam.nr-data.net/1/ 151 B
705 B 791ms
645ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-8ff5632b9fea0cdb796?a=1522542894,1522536193&v=1.256.0&to=Y1YEbBFVWxZQVhJfXlocK24gG30KXFAlWV9AQQlUD1FHSnhbAlNJ&rst=3360&ck=0&s=45519551b5b00c01&ref=https://khgf.hndmex.cfd/&ptid=b07c13aad9a1fb60&hr=0&af=err,xhr,stn,ins,spa&ap=18&be=1835&fe=892&dc=869&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1713009089907,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:17,%22c%22:17,%22s%22:17,%22ce%22:42,%22rq%22:43,%22rp%22:1836,%22rpe%22:2663,%22di%22:2690,%22ds%22:2703,%22de%22:2704,%22dc%22:2710,%22l%22:2710,%22le%22:2727%7D,%22navigation%22:%7B%7D%7D&fp=2321&fcp=2321
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb510e3361cfcd9e1deb0e03fb9dd70b02d548a09589257f031e953a3e292957

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 13 Apr 2024 11:51:34 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://khgf.hndmex.cfd
access-control-expose-headers: Date
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 873b3eb1d926901c-FRA
timing-allow-origin: https://khgf.hndmex.cfd

GET
H2 200 windowmanager.min.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 8 KB
3 KB 28ms
28ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/windowmanager.min.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

23d1b6c8e12fdf89ad7b1f2a3dab959dc3f585519885f4ebf0101df3bf124f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: klYDPj8bhA8B8WVDdBSdIsh5AUJexUj4
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: DFFVK8DZEYTPW70W
etag: "b03f4bea07d1742ad1d1644afdcf5054"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 2754
x-amz-id-2: lj1ry9pfbw10sVRRivRbFZn8QvVzi7u1zjtWsEHOd+6NQn8niKtTr+BmgQWc47DaJTmcZMCJxnc=

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
295 B 398ms
107ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://khgf.hndmex.cfd
Date: Sat, 13 Apr 2024 11:51:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 main.MTFhN2NkNDczMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 410 KB
109 KB 100ms
99ms Script
application/javascript 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6c43fdb
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124544FB3D6679F8EA88EF7D2A
x-tt-trace-id: 00-240408124544FB3D6679F8EA88EF7D2A-12311A31AE7D2723-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0111ef3aae5bca7afdfa7879c914881e92967dac3d6686695f8342e06515a5c5572514f5f632d35a3902a1ce09623acf851900fd8eadd23f350272a1fcc4c13d1a3abe852c67aabdf5bd3be15ce05d0ea4e6b548879273366cbb5cad289007a4df
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 111156

GET
H2 200 main.MTFhN2NkNDczMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 431 KB
114 KB 283ms
282ms Script
application/javascript 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMQ.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6c43fdc
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024040812454269ED31D20B936DE635DE
x-tt-trace-id: 00-24040812454269ED31D20B936DE635DE-4BA42230DA48FD77-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e009bfe0408ce6da02372c20f54ff8c3e8d9bb87e3f313c2d2f8127099708d7564cf484e8b86859a600269fbd3e364755e55455829914142896c49aebf2553965b22f20ee36fc70b6ba353c73f4f39cd20a8cc306f0444ab835079cc1bab3c3d
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=5
content-length: 116270

GET
H2 200 webchatservicenextgen.mod.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 15 KB
4 KB 202ms
202ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/webchatservicenextgen.mod.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d3159a1b47c1d78ecb87df8a156f31ca59a6efc5a7e573b400d2ad30cedc6c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: rFtr0CrKIFpXK6amAxGB.4edoCB7n_US
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: DFFWHYJT10JCZHMZ
etag: "61482f50e19394f402de5401e9f5f8c6"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 4026
x-amz-id-2: S092xDzl9IlZGLV+WKM4fZ6K+s5rzeKdn+qxIME6jIIzZuSeOU9lbe2PbiZhz4aAAIYYeF3xKqc=

GET
H2 200 pure-cloud-v2-sockets-transport.mod.js Show response
apps.mypurecloud.ie/widgets/9.0/plugins/ 30 KB
8 KB 183ms
182ms Script
text/javascript 54.228.155.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.ie/widgets/9.0/plugins/pure-cloud-v2-sockets-transport.mod.js

Requested by

Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.155.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-155-162.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dd61f5b6f0040af84d860069ee3f8ff52f6ca0d9fb50b7a7ca6ecd956437d4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-amz-version-id: .1LEf0Off9JwgQd81feH6t_.AU_KYATE
last-modified: Wed, 15 Nov 2023 08:57:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-request-id: DFFPG0R81YN748HE
etag: "a4b537be63e0763198ee4a5df0021c2e"
content-type: text/javascript
cache-control: max-age=0, no-cache
content-length: 7924
x-amz-id-2: v1TeIh+uNW3juQucuIppddlsm3p1FFOatCxkni0dhkiEkANjweHJRh8qzBsLVd9E4AIw1hedFh4=

GET
H2 200 5IY5ZC4HGREFRPMQHG4R3V Show response
d.adroll.com/consent/check/ 502 B
595 B 119ms
30ms Script
application/javascript 2a05:d018:cc3:fe04:ee26:ded1:edd1:f90d
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/5IY5ZC4HGREFRPMQHG4R3V?pv=52143102896.11861&arrfrr=https%3A%2F%2Fkhgf.hndmex.cfd%2F&_s=8ef12fc72c83ddb3ae837ba6490f6045&_b=2
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:ee26:ded1:edd1:f90d Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: d30acd10f701519e5d11aa9603a8e400d857b5a93cf24755e4ce84a66103a1b1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 11:51:33 GMT
server: nginx/1.22.1
content-length: 502
content-type: application/javascript

GET
H2 200 identify_38a7e.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 103ms
103ms Script
application/javascript 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_38a7e.js
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 6c440e9
date: Sat, 13 Apr 2024 11:51:33 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240408124543B1BABE1D6C6831EDBC56
x-tt-trace-id: 00-240408124543B1BABE1D6C6831EDBC56-0900C118C4EA7B5D-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e009bfe0408ce6da02372c20f54ff8c3e8d9bb87e3f313c2d2f8127099708d75277eed602ad6ae6eb756d3e0643c9dff2f6460579774204d5f69dbe8aee87334a822a96012b7edb26b461f4fd2de14d648d3648f449d24b0af39ce51db9315c7
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 37012

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
967 B 330ms
116ms Ping
text/plain 23.218.107.192
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.107.192 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-107-192.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4afaf307.13644540
date: Sat, 13 Apr 2024 11:51:34 GMT
x-bytefaas-request-id: 20240413115133B3D6EE76E7D6F82C4A83
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240413115133B3D6EE76E7D6F82C4A83-566781A048933117-00
x-cache: TCP_MISS from a23-218-107-188.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55502997) (-)
x-parent-response-time: 27,23.218.107.188
server-timing: cdn-cache; desc=MISS, edge; dur=20, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240413115133B3D6EE76E7D6F82C4A83
x-cache-remote: TCP_MISS from a23-202-158-71.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55502997) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.00
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55eb2d24f9c61b8fa20cc8cda32c7729ac74e6ecd8c5e9d99e6aef1aab9349e603d897455d8b7680a4f4a3cee1c50091417d4c16c3319238306c0f2ba3245dd263deac866d6e7610e12e2dee01a199d0795d4bfe5942256d5059b508a3289b14989
x-origin-response-time: 9,23.202.158.71
access-control-allow-headers: *
expires: Sat, 13 Apr 2024 11:51:34 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
699 B 141ms
140ms Ping
text/plain 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6c4413f
date: Sat, 13 Apr 2024 11:51:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240413115133EA00600DF499111AA80C-4B9911FC11D9B649-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=21, cdn-cache; desc=MISS, edge; dur=6, origin; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240413115133EA00600DF499111AA80C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667cc7af0c64c43cd980eb2fc97343640a57d5437610c85c88eb73989e1a43b75f698769d563ec23b3c2bd27055e45be9517ffb23730f14c60622e93f3a916e0b9827
access-control-allow-headers: Authorization,*
expires: Sat, 13 Apr 2024 11:51:33 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
700 B 182ms
182ms Ping
text/plain 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6c44140
date: Sat, 13 Apr 2024 11:51:33 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404131151336D0F1F1A4D77132E33E4-5EF551A753564FF2-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=7, origin; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404131151336D0F1F1A4D77132E33E4
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667ccc5dbac1e911e1475c564e20df5a80db09dc0354971cb34ed9049adcb15c566aad1f2dd68508dc5bcb98e004056f97b26be75c1db87d3c847a99b1a258a594daa
access-control-allow-headers: Authorization,*
expires: Sat, 13 Apr 2024 11:51:33 GMT

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
295 B 491ms
299ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://khgf.hndmex.cfd
Date: Sat, 13 Apr 2024 11:51:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 149ms
149ms Ping
text/plain 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6c441c9
date: Sat, 13 Apr 2024 11:51:34 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404131151347157B4C79BDF8719EA69-60D6F09827DCADB6-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=33, cdn-cache; desc=MISS, edge; dur=10, origin; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404131151347157B4C79BDF8719EA69
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 40,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667ccfd41df3fd8669d884cfa6d0a287b8f7a6d643a060c0e951b2993e12961a8d44d112bcf899c8efeab8ed1fa01d84cdbb18437ce00c2f833224f80723ad47a6425
access-control-allow-headers: Authorization,*
expires: Sat, 13 Apr 2024 11:51:34 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 433ms
432ms Ping
text/plain 23.194.131.217
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFhN2NkNDczMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.194.131.217 Philadelphia, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-194-131-217.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 6c441ca
date: Sat, 13 Apr 2024 11:51:34 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2404131151346D0F1F1A4D77132E33FF-74172FEB5889A780-00
x-cache: TCP_MISS from a23-194-131-213.deploy.akamaitechnologies.com (AkamaiGHost/11.4.5-55391218) (-)
server-timing: inner; dur=22, cdn-cache; desc=MISS, edge; dur=96, origin; dur=240
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202404131151346D0F1F1A4D77132E33FF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 240,23.194.131.213
x-tt-trace-host: 01c2ac37b23a23fb2c828d6ccd283ff55e1030a336000a82d2fbda24d8b49667ccc5dbac1e911e1475c564e20df5a80db0fd6659045cc9e65e2ce383dc3946bc91cd69d0047c438ac468e5dec228255d034e1a20f542a3f7222089d972528cd364
access-control-allow-headers: Authorization,*
expires: Sat, 13 Apr 2024 11:51:34 GMT

POST
H/1.1 200
OK NRJS-8ff5632b9fea0cdb796 Show response
bam.nr-data.net/resources/1/ 16 B
396 B 640ms
639ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-8ff5632b9fea0cdb796?a=1522542894,1522536193&v=1.256.0&to=Y1YEbBFVWxZQVhJfXlocK24gG30KXFAlWV9AQQlUD1FHSnhbAlNJ&rst=4185&ck=0&s=45519551b5b00c01&ref=https://khgf.hndmex.cfd/&ptid=b07c13aad9a1fb60&st=1713009089907&hr=0&fts=1713009089907&n=26&fsh=1
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f492b92fa416df91ea28c6c8184fed06cb2b9c53ca0a5384fafd567be9f844

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 13 Apr 2024 11:51:34 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://khgf.hndmex.cfd
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 873b3eb61c3d901c-FRA
Content-Length: 16

POST
H/1.1 200
OK NRJS-8ff5632b9fea0cdb796 Show response
bam.nr-data.net/events/1/ 24 B
403 B 593ms
578ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-8ff5632b9fea0cdb796?a=1522542894,1522536193&v=1.256.0&to=Y1YEbBFVWxZQVhJfXlocK24gG30KXFAlWV9AQQlUD1FHSnhbAlNJ&rst=4192&ck=0&s=45519551b5b00c01&ref=https://khgf.hndmex.cfd/&ptid=b07c13aad9a1fb60&hr=0
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

Date: Sat, 13 Apr 2024 11:51:34 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://khgf.hndmex.cfd
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 873b3eb63d45911e-FRA
Content-Length: 24

GET
H2 204 unip Show response
trc-events.taboola.com/1455175/log/3/ 0
247 B 62ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455175/log/3/unip?en=pre_d_eng_tb&tos=1592&scd=0&ssd=1&est=1713009093067&ver=36&isls=true&src=i&invt=1500&msa=4717&rv=1&tim=1713009094659&vi=1713009093063&ri=d590cb79b70886164de1d834a6327285&ref=null&cv=20240407-9-RELEASE&item-url=https%3A%2F%2Fkhgf.hndmex.cfd%2F
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://khgf.hndmex.cfd
pragma: no-cache
date: Sat, 13 Apr 2024 11:51:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H/1.1 204
No Content collect Show response
k.clarity.ms/ 0
295 B 98ms
98ms XHR
text/plain 20.96.88.162
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://k.clarity.ms/collect
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.96.88.162 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/x-clarity-gzip
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://khgf.hndmex.cfd
Date: Sat, 13 Apr 2024 11:51:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 204 unip Show response
trc-events.taboola.com/1455175/log/3/ 0
246 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1455175/log/3/unip?en=pre_d_eng_tb&tos=4593&scd=0&ssd=1&est=1713009093067&ver=36&isls=true&src=i&invt=3000&msa=4717&rv=1&tim=1713009097661&vi=1713009093063&ri=d590cb79b70886164de1d834a6327285&ref=null&cv=20240407-9-RELEASE&item-url=https%3A%2F%2Fkhgf.hndmex.cfd%2F
Requested by: Host: khgf.hndmex.cfd
URL: https://khgf.hndmex.cfd/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://khgf.hndmex.cfd/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://khgf.hndmex.cfd
pragma: no-cache
date: Sat, 13 Apr 2024 11:51:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
khgf.hndmex.cfd/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: fyqkbuh4suba1yvsoz5udrxp
khgf.hndmex.cfd/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: 3-jBgmfThBbXqpz97Mz4XRGwTlgjYqNQZgLwL9rX1P6I3HsAqRo0U6JMEa-iE3-WKYd-WZiq7L4o936N6lP7M-SQN-be-14SVPm7g7czvVc1
.hndmex.cfd/	1970-01-20 21:59:45	Name: _gcl_au Value: 1.1.488979216.1713009093
.hndmex.cfd/	1970-01-21 05:26:09	Name: _ga_RF1R3QHMJT Value: GS1.1.1713009092.1.0.1713009092.60.0.1745382014
.hndmex.cfd/	1970-01-20 19:51:35	Name: _uetsid Value: 2c528790f98c11eebcf36716af4dfcb5
.hndmex.cfd/	1970-01-21 05:11:45	Name: _uetvid Value: 2c529b50f98c11eeb9e4ef486686208c
.hndmex.cfd/	1970-01-21 05:26:09	Name: _ga Value: GA1.2.2038011993.1713009093
.hndmex.cfd/	1970-01-20 19:51:35	Name: _gid Value: GA1.2.1570132618.1713009093
.hndmex.cfd/	1970-01-20 19:50:09	Name: _dc_gtm_UA-28810012-1 Value: 1
.bing.com/	1970-01-21 05:11:45	Name: MUID Value: 1737C40949A5668200E9D06948CE6745
www.clarity.ms/	1970-01-21 04:35:45	Name: CLID Value: 70b6d96144ec4c4b9e5d327dddef6167.20240413.20250413
.hndmex.cfd/	1970-01-21 04:35:45	Name: _clck Value: aeei8t%7C2%7Cfkw%7C0%7C1564
.hndmex.cfd/	1970-01-20 21:59:45	Name: _fbp Value: fb.1.1713009093205.26231321
.tiktok.com/	1970-01-21 05:11:45	Name: _ttp Value: 2f2paxP4Sr4KrsyFlLzLSp3wV5A
.hndmex.cfd/	1970-01-21 04:35:45	Name: _hjSessionUser_572361 Value: eyJpZCI6ImYyMmZkNTBhLWM4NDYtNTQ5NC1iNTI5LTFkZmJhZTkwMTQ0OCIsImNyZWF0ZWQiOjE3MTMwMDkwOTMyNTgsImV4aXN0aW5nIjpmYWxzZX0=
.hndmex.cfd/	1970-01-20 19:50:10	Name: _hjSession_572361 Value: eyJpZCI6ImEwMDY3MzcxLWZkZTctNDgxMy1hYmZmLWE1ODZlZGU0YWRiMCIsImMiOjE3MTMwMDkwOTMyNjAsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.c.bing.com/	1970-01-20 20:00:13	Name: MR Value: 0
.c.bing.com/	1970-01-21 05:11:45	Name: SRM_B Value: 1737C40949A5668200E9D06948CE6745
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 05:11:45	Name: MUID Value: 1737C40949A5668200E9D06948CE6745
.c.clarity.ms/	1970-01-20 20:00:13	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 19:50:09	Name: ANONCHK Value: 0
khgf.hndmex.cfd/	1970-01-20 19:50:09	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1713009093342%7D
.doubleclick.net/	1970-01-20 19:50:09	Name: test_cookie Value: CheckForPermission
.hndmex.cfd/	1970-01-21 05:11:45	Name: _tt_enable_cookie Value: 1
.hndmex.cfd/	1970-01-21 05:11:45	Name: _ttp Value: F2U99vvOxFRc0XRuMyanuIGqnt-
.hndmex.cfd/	1970-01-20 19:51:35	Name: _clsk Value: qyhx91%7C1713009093725%7C1%7C1%7Ck.clarity.ms%2Fcollect

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1526582507670240?v=2.9.153&r=stable&domain=khgf.hndmex.cfd&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 94) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://khgf.hndmex.cfd/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.pangle-ads.com
analytics.tiktok.com
apps.mypurecloud.com
apps.mypurecloud.ie
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
cdn.taboola.com
connect.facebook.net
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js-agent.newrelic.com
k.clarity.ms
khgf.hndmex.cfd
maxcdn.bootstrapcdn.com
region1.analytics.google.com
s.adroll.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
wave.outbrain.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.32.27.54
141.226.228.48
142.250.185.194
151.101.1.44
162.247.241.14
18.206.17.46
18.66.102.53
2.21.17.117
20.96.88.162
2001:4860:4802:34::36
23.194.131.217
23.218.107.192
2600:9000:2644:c000:6:9280:1080:93a1
2602:816:5001::39
2606:4700:3037::6815:4e70
2606:4700::6812:acf
2620:1ec:46::64
2620:1ec:c11::237
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:cc3:fe04:ee26:ded1:edd1:f90d
54.228.155.162
64.202.112.191
68.219.88.97
01c33068e9076a8d5385f0ff6bdeeb87a7c2112641c221775c9304ba2282eb4d
039ca3e530e0a389bada8336d5be359f2a2f6c2d416ca912049ed162a5740fbc
064498b71b52947b6fc0d4f4a132ded9b2eff27ff8ad1f21a3b1eb608fa0a09d
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0f3d1130cfa466bf31cd046bb8629d82a089a5ca75949209bf0d2bee11becd5f
13fdcefd13e383de5b9869237a011799f42054f446c7cb0a4fd921e0b4f05b2a
1c7a13438386b27ae3874ff95ac5cb2ed21b805261427e9da870e93c35e788de
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
21de18797facdc876c8da8198a867f74a637e0c3cb3bd7f7251bfd9aa5f011bf
23d1b6c8e12fdf89ad7b1f2a3dab959dc3f585519885f4ebf0101df3bf124f8d
2438d87960cd92b0bfb0c474e6cd4ef0ac3901c586f25db294088e7498eff983
2558e574edbdf92876a6a9708c9d30e131aa866c3993762165ffa8af71e557fb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
35577fb7083810ea17b377716f987463e17fe79c3415f0741eb6da96b1548941
3b7019f0c310bb3b78c1595f2bc96bad82d45b27c4eb14678fa4bd939b4192e3
3f4218548e72590bf64866caed3cf7d16fef14a9c35e493d0d8b2c8a55a1efbd
40d88af2e088920665931b4d7d4c3574fb546e9b54bc03c6e6b075a71e598407
412b8ff9c5ab32b9019fcd84bcd4a54c0e265a14528474f4ee45b27a20abeaeb
437c3044c01632c51ce00c421c0fad32ab9423954dcb446a33422f08b5b4de67
437f8e5d0d66f0a6603891d7a5c59688e7b2a87fa16d3c8dbf9e2a9129b72151
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f3ac82b2b794abe6e7ad266f4a68aa41c11b461d5e04c0fbcf79e3c2e2f9cf
482d1dd6e19c705493e390d6a3427887cfd2c47ec7ee7c85282370687a5ed2ee
4865103d9e2a12663d2c28b4663193cffc1e83c6b70a416b7bd07c6a971a0a06
490578a33c200375dd39516a2e5af81ba943bb56b8fc1140d96bec9e4f929dcd
49f310a5db53f7edc77bee4abbda4ade7f7836a8085bbe44b38ad4433c2f357d
4cb2bf2ac7ee26c2b6741133e5ef5b6b03796261c600ecb2827b20f7a6ea7232
5399abdc417a715c898de965f42e478f35277b30ed00ea05fe6dcd3e71dfe1f2
54a93775c58fff1978eb23b2f76fdd4704eae5c502ad86aaf6759afaa01f9aaf
5641c4ebc54ce9594d64add67399fd6142a079fc34d7fe2d23722757c4c81036
5650fc7aee0dd9510d47a6bde6829561a86e72dd2f7c4fb17127c3003b98892a
5859a6cc1e19c155a1ea2140c37cb02b897ab57ee7dabe75567fa8fbb63425c5
5cd14744a96f8838d6c8a07f2d73e06ea394030c3cd2396adfdd45ddb775b518
5d97e438677a16e845f3c8791a0126448a576e6fa1064168ef8c980cf639adbc
62eaa181b63a9656e091a2cf6f70093ccc7252748cdd1ab4d1ae98a809f8c1c0
63fef8ddd2519bef8a4b07e7207888c9342e5d5a77990cf9d260f9d37ca5c2d9
687815ed8f0732fa7a1e4c4560f148f6933f8c643856f70ecc26bcc459ccb5f1
68cc211f2324cafaae3ea7d084cd1283172ef6064124d82747b2303eb0287a92
75c6e7b494ac3fb6d92f38ab5d4f26ec9aa92d2b489bbc777d51bbdc2bde78ed
779db044e35779fb2ebfcf7ba658c37cad9407ec5b21574f5e46fdb4f87a7902
7974c0248c18769d6873ec1bffec4dffe5d4f2c713bd63366a0b55b5e61f213e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b89039e8ad7a37d96c34a01b52469f83cff2c4c68fbd3cf814ae2d66901b5a0
7e2125e121c1fdf9f6f9728e9ea64caf21e492843c63c85fb6d5fc70673a46c5
7ec85663bf99a89998e2464e5ff3615c84bbddf6cbcad8b04097d4b7a5cda4ca
7f4907d0abb2360d9f412146c9458b76f62a017f730c8feab2cc2748c3d0bde8
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
878d14b656d2fc7ae72c1d7fe451a279e1d2dc28b114a5131cda9e114ee89109
8ce2bf8791b33dc739f0aacfc913b41cd6b14d44772f9ae04112a0586b821464
8d04be1f575b406870c73e4f074bcaa406d712e489a3ac94563ad5bce94df485
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5cbc61e0e265b634de6ccd138fd0e8995af5c094dca339c3dd386ccffd9c00
a0e213a670d254203c1f7f978a4af01914d70c503348f9edf4fce92d80ff4245
a26bb46d0e0b9108e66a844bb4b2207c4c2829b37362d99866725bb3127e9a7c
a980baf0c9d8a25dc294bb6f547e8fa9267f7e4c2a9c6490735e2a2e344f2b22
ada2627af0ab913ca2870953c2da9dcddb617a2296765946875b9bae8ec1fbc7
ae576713bc196098f7438dede6ff1f835a23291c32b745ad7e6fb6db809a719b
af1a3aa3ba66d1d09d72c8c3fbae0f031be43f8c78a4d0f0ec78035b1473f4c1
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b8cc21ef66bdee95ea71e084a5985d8bd2da50e9c75e5c3e1619baabbc921104
baec6367becf496f2902d48ae7ea62aeac35e7973ea76461e6a2ada66e74d12f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bda2cf571d7ea45f68afcdc87f968090dbf4bbdec2c7d6d19ce591b3980c296f
c49c4169698d050b079aa7d410851d1220006c5d1709ca1a399062fa0b19a80b
c6effbed30ae0b7219fd6e4a1b6a55755673ef6ee43ce88ad8c9154e51418c41
c6f492b92fa416df91ea28c6c8184fed06cb2b9c53ca0a5384fafd567be9f844
c9150d6c5c9bfe349688d3c209b2be0b3170b3fc349061aba7c7e299ae63ec06
cad062d76a860d60b4d5cc3666b03d2038f9581d23cbdfd129cad0371045507d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ccfc7c93001f242d1921994310fc562409c60fbb8f848f14ab8e53e0ac4e8a12
ce43743c865728e2eff98694a167901ec7234befad61e87a4b333d38deeb1d1a
d30acd10f701519e5d11aa9603a8e400d857b5a93cf24755e4ce84a66103a1b1
d3159a1b47c1d78ecb87df8a156f31ca59a6efc5a7e573b400d2ad30cedc6c23
d98a000070b5b7b6841b8cdbc44bb89fe5a20a553e1a8685abca51c8732f961e
d99902464ea5a053d3834285e12852d7f460a08ca2b9d2b87c6c3137990286e0
da68ddf674a41b4f7417824058bb1a54b03a67d211f9681d47d782689135074e
dd61f5b6f0040af84d860069ee3f8ff52f6ca0d9fb50b7a7ca6ecd956437d4c5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb510e3361cfcd9e1deb0e03fb9dd70b02d548a09589257f031e953a3e292957
ed6d3879e83eea603a014f1a6918ebfbec89aa7abc0abc1a51daee288a10715f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fba894b5a25561184150e8711c3cec91130730c2dd53cf01b3fc9c4d4edb70
f0ff879d8ba666f11cb2795dff173ff7580ccc7a9650838dacd2511f2c28a3b2
f9872ad0ae5765ed264c3f17b4e7892985303a5863f4840cc28aa2cd502725a7
fa8cabe3021c19ba54e07d28a7722cd4bfdef39dea07207518113f7e161166bb
faf1a6e4b903b934e9f4b71d48632cbf229aa577d16027111e5ec7d1d3749eb2
fb1afc01c16fdad5719b09ee2f8e5d841b0cdb2a669bdabc8a6eec18cd72c018
fb54ab4765979682b63eb94e4b74429411b70986f138c4c97d9ea57f37019474
fe7f6273a056579251c5d717bad714034d8d9ca190ddac93bb77760adfaf3a86
ff8f659a28951861c16878f44c5b90bd0e89c7a937c9fb3cdc69e11c8f8c60bb
fff527372eaee0c63ed28c0c03ca0223216aa0e16dd8219664d04ca0bef8a0a8

khgf.hndmex.cfd Open in urlscan Pro 2606:4700:3037::6815:4e70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

112 Requests

98 %HTTPS

56 %IPv6

24 Domains

35 Subdomains

31 IPs

5 Countries

3787 kBTransfer

7999 kBSize

27 Cookies

15 Outgoing links

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

khgf.hndmex.cfd Open in urlscan Pro
2606:4700:3037::6815:4e70 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

98 %
HTTPS

56 %
IPv6

24
Domains

35
Subdomains

31
IPs

5
Countries

3787 kB
Transfer

7999 kB
Size

27
Cookies

112 HTTP transactions
0 data transactions