www.onechancemedia.com Open in urlscan Pro
198.49.23.144 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onechancemedia.com/general-virtual
Submission: On May 04 via manual (May 4th 2021, 1:11:20 pm UTC) from IN

Summary HTTP 108 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 25 domains to perform 108 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.onechancemedia.com.
TLS certificate: Issued by R3 on May 4th 2021. Valid for: 3 months.

This is the only time www.onechancemedia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
6	151.101.112.237 151.101.112.237	54113 (FASTLY) (FASTLY)
1 3	104.111.240.195 104.111.240.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.55.38.21 52.55.38.21	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:20:... 2606:4700:20::681a:1a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.140.39.77 51.140.39.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	151.101.112.238 151.101.112.238	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2ae::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28c::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	65.9.84.55 65.9.84.55	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	65.9.84.2 65.9.84.2	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.84.96 65.9.84.96	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
108	38

4 198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)

www.onechancemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.112.237 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

assets.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.240.195 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-240-195.deploy.static.akamaitechnologies.com

static1.squarespace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.38.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-38-21.compute-1.amazonaws.com

cdn.callrail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:1a2 (United States)

ASN13335 (CLOUDFLARENET, US)

uploader.squarewebsites.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.39.77 (Swansea, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

secure.text6film.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.238 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.squarespace-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

docs.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2ae::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28c::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.55 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.2 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.84.96 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googleusercontent.com lh3.googleusercontent.com lh6.googleusercontent.com lh4.googleusercontent.com lh5.googleusercontent.com	34 MB
13	google.com docs.google.com adservice.google.com www.google.com play.google.com	831 KB
10	gstatic.com fonts.gstatic.com ssl.gstatic.com	102 KB
9	squarespace.com 1 redirects assets.squarespace.com static1.squarespace.com	552 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	155 KB
6	typekit.net use.typekit.net p.typekit.net	80 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	6 KB
4	onechancemedia.com www.onechancemedia.com	24 KB
3	google.de adservice.google.de www.google.de	484 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	bing.com bat.bing.com	9 KB
3	facebook.net connect.facebook.net	96 KB
2	facebook.com www.facebook.com	335 B
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	14 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	licdn.com snap.licdn.com	2 KB
1	googletagmanager.com www.googletagmanager.com	45 KB
1	squarespace-cdn.com images.squarespace-cdn.com	40 KB
1	text6film.com secure.text6film.com	403 B
1	squarewebsites.org uploader.squarewebsites.org	10 KB
1	callrail.com cdn.callrail.com	11 KB
0	Failed function sub() { [native code] }. Failed
108	25

	Domain	Requested by
11	lh4.googleusercontent.com	docs.google.com
7	docs.google.com	www.onechancemedia.com docs.google.com
6	lh5.googleusercontent.com	docs.google.com
6	fonts.gstatic.com	fonts.googleapis.com docs.google.com
6	assets.squarespace.com	www.onechancemedia.com
5	lh6.googleusercontent.com	docs.google.com
5	lh3.googleusercontent.com	docs.google.com
5	pagead2.googlesyndication.com	www.onechancemedia.com pagead2.googlesyndication.com assets.squarespace.com tpc.googlesyndication.com
5	use.typekit.net	www.onechancemedia.com
4	ssl.gstatic.com	docs.google.com
4	www.onechancemedia.com	www.onechancemedia.com assets.squarespace.com
3	play.google.com	docs.google.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.onechancemedia.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com
3	connect.facebook.net	www.onechancemedia.com connect.facebook.net
3	static1.squarespace.com	1 redirects www.onechancemedia.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.google.de	www.onechancemedia.com
2	www.google.com	www.onechancemedia.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.onechancemedia.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com assets.squarespace.com
2	fonts.googleapis.com	www.onechancemedia.com docs.google.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	assets.squarespace.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.onechancemedia.com
1	www.linkedin.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static.hotjar.com	www.onechancemedia.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p.typekit.net	www.onechancemedia.com
1	www.googletagmanager.com	www.onechancemedia.com
1	images.squarespace-cdn.com	www.onechancemedia.com
1	secure.text6film.com	www.onechancemedia.com
1	uploader.squarewebsites.org	www.onechancemedia.com
1	cdn.callrail.com	www.onechancemedia.com
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	docs.google.com
108	42

This site contains links to these domains. Also see Links.

Domain
instagram.com
www.facebook.com

Subject Issuer	Validity	Valid
www.onechancemedia.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.squarespace.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-15` - `2022-03-23`	a year	crt.sh
cdn.callrail.com Amazon	`2021-03-26` - `2022-04-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
secure.norm0care.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2021-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.squarespace-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-04-12` - `2021-10-12`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.onechancemedia.com/general-virtual
Frame ID: E48A41A63CFDBA7FEB3471E2844BF7A5
Requests: 57 HTTP requests in this frame

Frame: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000
Frame ID: 1A1FB3A259F2999303E23149AEB77381
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html
Frame ID: 51E3D11B825C85B46351C9E662DE2EDB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6137211868526557&output=html&adk=2411416291&adf=3730824246&lmt=1620133848&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620133848116&bpp=49&bdt=3744&idt=469&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6191929213331&frm=20&pv=2&ga_vid=1635165568.1620133849&ga_sid=1620133849&ga_hid=1658928835&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=889551179412946&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=586
Frame ID: 5CE13D392AC3F6BBC1377077B2FE3125
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: F2C36E50A7F6C6CBDBE747653FD93CDB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3C2C47A495F8158304A5130EEE63920C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

108
Requests

99 %
HTTPS

69 %
IPv6

25
Domains

42
Subdomains

38
IPs

4
Countries

37149 kB
Transfer

46529 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://instagram.com/onechance.media
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OneChanceMedia
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://static1.squarespace.com/static/5a4d080d6f4ca3c3a8972190/t/5a901e4508522995fe0aa7c3/1619464723142/?format=1500w HTTP 301
https://images.squarespace-cdn.com/content/5a4d080d6f4ca3c3a8972190/1519394373632-46DBA9P19AJPSLH46EYX/Website+Logo.png?format=1500w&content-type=image%2Fpng

Request Chain 45

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D436020%26time%3D1620133849113%26url%3Dhttps%253A%252F%252Fwww.onechancemedia.com%252Fgeneral-virtual%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true&e_ipv6=AQIoXai-PKUc0wAAAXk3gKrLzFUxwU9LonqbrxVRyOsrtfkoeZmtFRVpWGSEQhzVl2juONWl

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request general-virtual Show response
www.onechancemedia.com/ 53 KB
15 KB 614ms
227ms Document
text/html 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

0a9a7f15b42f21237866a2c48d162462dc130117e24f0e24faed1a8c8133a88e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: www.onechancemedia.com
:scheme: https
:path: /general-virtual
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Tue, 04 May 2021 13:10:43 GMT
etag: W/"793d659c98634f5ad89bb90b1b0ff9a6"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BdSuP0V1my/TYjg0OGRjMGE3NTM2ZWE2Y2Q2ZDMzNjljYTZmM2Q2;Path=/
strict-transport-security: max-age=43200
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: wOH3STRq/1XN9eQaK
content-length: 14633

GET
H2 200 hE8AzEEOFrCU3fIrVa137gKQImxAGw0Od_UFVr4w7f3fe76IfFHN4UJLFRbh52jhWDmyFeb352gqFcjXjhIDjDFy52qawRIowg74MkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0ZeB0-AmCOAuyZYi8ZfoDS... Show response
use.typekit.net/ik/ 17 KB
7 KB 45ms
20ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ik/hE8AzEEOFrCU3fIrVa137gKQImxAGw0Od_UFVr4w7f3fe76IfFHN4UJLFRbh52jhWDmyFeb352gqFcjXjhIDjDFy52qawRIowg74MkG0jAFu-WsoShFGZAsude80ZkoRdhXCHKoyjamTiY8Djhy8ZYmC-Ao1Oco8if37OcBDOcu8OfG0ZeB0-AmCOAuyZYi8ZfoDSWmyScmDSeBRZPoRdhXCHKoDSWmyScmDSeBRZWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0jhNlOeBRiA8XpWFR-emqiAUTdcS0dcmXOeBDOcu8Oesydc88dfuljAsaZAb0SaBujW48Sagyjh90jhNlOeUzjhBC-eNDifUzdcmR-eB0jhmlZAsTjPoRdhXCSaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPUaiaS0jAFu-WsoShFGZAsude80ZkoRdhXCiaiaOcBRiA8XpWFR-emqiAUTdcS0dcmXOYiaikoySkolZPUaiaS0ZeB0-AmCOAuyZYi8ZfoDSWmyScmDSeBRZPoRdhXCiaiaOcN0ZAFGjAoRZAu8Ze8yOcFzdPUaiaS0SaBujW48SagyjhmDjhy8ZYmC-Ao1OcFzdPJbiY4udWMlZhNX-e8ROWgkdkJmZcjldAmXjPuDZW4TZKuaZAJlSY4zJyiydYs8Scoyie9lZhNX-e8ROAozOQwlZfGHfFprMsMMeMb6MKGHfF-rMsMMeM96MKG4fOtTIMIjgPMfH6qJhBMbMy6IJMHbMLWEhLbB.js

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

e211dee64181ff246d2059c6f752ab9a4bfccb4b30cc22376190ff2f00896e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Tue, 04 May 2021 13:10:44 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6911

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1 KB 40ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e14a8aa4465d131496f06766808c441356f702c3719ef029376bfcbf2aecb336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 13:10:44 GMT
server: ESF
date: Tue, 04 May 2021 13:10:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 13:10:44 GMT

GET
H2 200 moment-js-vendor-26ddeab7fa5f90b6c8cb3-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 252 KB
39 KB 168ms
50ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/moment-js-vendor-26ddeab7fa5f90b6c8cb3-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 925818e35ed0851fba7408d7c438c261edbc941e343349d32aa07d25b2a3b653

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 3433803
x-cache: HIT, HIT
x-cache-hits: 1, 300661
content-encoding: br
content-length: 39407
x-served-by: cache-bwi5138-BWI, cache-hhn4052-HHN
last-modified: Thu, 18 Mar 2021 14:44:33 GMT
server: UploadServer
x-timer: S1620133845.567604,VS0,VE0
etag: "a5300ca56968fb06474b320df47af1b8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Mar 2022 19:20:41 GMT

GET
H2 200 cldr-resource-pack-7d6dc599f0e9e5882dcca-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 119 KB
19 KB 167ms
50ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-7d6dc599f0e9e5882dcca-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8c77794b795c43cb1944f06f8b8e834eb00a6088e5e3f0cd41b13c789105bb76

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 4892689
x-cache: HIT, HIT
x-cache-hits: 1, 339974
content-encoding: br
content-length: 18611
x-served-by: cache-bwi5153-BWI, cache-hhn4052-HHN
last-modified: Fri, 05 Mar 2021 21:05:23 GMT
server: UploadServer
x-timer: S1620133845.567587,VS0,VE0
etag: "cc4bb4494d5b1d507f57251fe2ec902c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Mar 2022 22:05:55 GMT

GET
H2 200 common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 244 KB
66 KB 307ms
190ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 92f4c853c533e4f30c8208bfccee564b78202886e58e0e5095866fd11980243e

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 74869
x-cache: HIT, HIT
x-cache-hits: 1, 4789
content-encoding: br
content-length: 67448
x-served-by: cache-bwi5169-BWI, cache-hhn4052-HHN
last-modified: Mon, 03 May 2021 15:47:12 GMT
server: UploadServer
x-timer: S1620133845.567932,VS0,VE0
etag: "feedfef06baa72a486118c558d38891e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 16:22:55 GMT

GET
H2 200 common-vendors-4f20c6f208f38f1dc925d-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 689 KB
147 KB 449ms
333ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-4f20c6f208f38f1dc925d-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d09319c959d08d7c349dd964326333a08e281658983b5a784a12ac1962db44f4

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 48168
x-cache: HIT, HIT
x-cache-hits: 1, 3
content-encoding: br
content-length: 149796
x-served-by: cache-bwi5141-BWI, cache-hhn4052-HHN
last-modified: Mon, 03 May 2021 23:22:13 GMT
server: UploadServer
x-timer: S1620133845.568354,VS0,VE0
etag: "df01272eb6e2adb8cf3587d7ce719fac"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 23:47:56 GMT

GET
H2 200 common-ca0ed9c94e7a97e66a11e-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 780 KB
148 KB 540ms
423ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/common-ca0ed9c94e7a97e66a11e-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 83b4d6790a610992a2b03c0246dfae63a9e210a2c2c3d2c568d6dc34f9333c1c

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 74869
x-cache: HIT, HIT
x-cache-hits: 14, 7
content-encoding: br
content-length: 151086
x-served-by: cache-bwi5162-BWI, cache-hhn4052-HHN
last-modified: Mon, 03 May 2021 15:47:15 GMT
server: UploadServer
x-timer: S1620133845.568428,VS0,VE0
etag: "a23f1e0377b46f09d1e0b39f398254f9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 16:22:55 GMT

GET
H2 200 performance-0add3f16b92e7b8855b50-min.en-US.js Show response
assets.squarespace.com/universal/scripts-compressed/ 44 KB
12 KB 55ms
53ms Script
text/javascript 151.101.112.237
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.237 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2d75fcf9c777174f1245b30ed95b56d566213925377acd82698e4eb45ad43a2b

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
via: 1.1 varnish, 1.1 varnish
age: 1693707
x-cache: HIT, HIT
x-cache-hits: 2, 187122
content-encoding: br
content-length: 11868
x-served-by: cache-bwi5173-BWI, cache-hhn4052-HHN
last-modified: Wed, 14 Apr 2021 19:07:22 GMT
server: UploadServer
x-timer: S1620133847.275469,VS0,VE0
etag: "a371f3154565523939434f4b6c9e1887"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 22:42:19 GMT

GET
H2 200 site.css
static1.squarespace.com/static/sitecss/5a4d080d6f4ca3c3a8972190/205/55f0aac0e4b0f0a5b7e0b22e/5a4d0bc8652dea72c89841fb/344-05142015/1619464688141/ 894 KB
80 KB 173ms
47ms Stylesheet
text/css 104.111.240.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/sitecss/5a4d080d6f4ca3c3a8972190/205/55f0aac0e4b0f0a5b7e0b22e/5a4d0bc8652dea72c89841fb/344-05142015/1619464688141/site.css

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.240.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-240-195.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

f0c13cac3350e374e58473008eb3b9f5eac88eae17cbe88c0804e797072e99b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
strict-transport-security: max-age=43200
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
x-contextid: PIV1yz1r/15hzNRAf
date: Tue, 04 May 2021 13:10:44 GMT
vary: Accept-Encoding, "Accept-Encoding"
content-type: text/css; charset=UTF-8
cache-control: public, max-age=94368184
accept-ranges: bytes
timing-allow-origin: *
content-length: 81586
tracepoint: "Akamai"

GET
H2 200 swap.js Show response
cdn.callrail.com/companies/739795585/0154f228d21978fc6e0c/12/ 35 KB
11 KB 1169ms
185ms Script
text/javascript 52.55.38.21
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.callrail.com/companies/739795585/0154f228d21978fc6e0c/12/swap.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.55.38.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-38-21.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c04b9e8e0ad9da457c6eb1e6ca38fb25f6bffff24bce1109d57562574e60c9ef

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-runtime: 0.005604
date: Tue, 04 May 2021 13:10:45 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
etag: W/"c04b9e8e0ad9da457c6eb1e6ca38fb25"
content-type: text/javascript; charset=utf-8
status: 200 OK
cache-control: max-age=3600, public
timing-allow-origin: *
x-request-id: 087ff600-f898-4c0c-914f-aa7601fabf52

GET
H2 200 sqs-form-upload.min.js Show response
uploader.squarewebsites.org/ 32 KB
10 KB 191ms
125ms Script
application/javascript 2606:4700:20::681a:1a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://uploader.squarewebsites.org/sqs-form-upload.min.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: be4a623e2b77e3c1a6872ace915160b7e981783a9ca792a462a80cb86a6c81a6

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:44 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PleskLin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09d919ae0a00004a8037004000000001
last-modified: Sat, 07 Nov 2020 07:09:12 GMT
server: cloudflare
etag: W/"5fa64818-801f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VEyFlrdAzI4Ba2bcPF6k%2Baj%2BFkmygkEa7XszarpcfP2JtB3siRULUK6rtN2ESaV%2F8yB9eUmg6OLj1jDwnXllEqdNM6svCIuh3kRGclyIsMumjtJ2bPGktkg9W%2BNU%2FxnVsRQ3BAUz0lg%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: private, max-age=6000
cf-ray: 64a1f8901a5a4a80-FRA
expires: Tue, 04 May 2021 13:20:44 GMT

GET
H/1.1 200
OK 205074.js Show response
secure.text6film.com/js/ 16 B
403 B 505ms
58ms Script
text/javascript 51.140.39.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.text6film.com/js/205074.js
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.140.39.77 Swansea, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 6957cfaf128338c6e447e2ba0e9c5dc9b17cfb49e515eda3c077d3dc67d566b6

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 04 May 2021 13:10:44 GMT
Content-Encoding: gzip
Server: Kestrel
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, must-revalidate
Transfer-Encoding: chunked
Expires: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 65ms
24ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47791
x-xss-protection: 0
server: cafe
etag: 12720787893023158812
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 13:10:47 GMT

GET
H2

200

Website+Logo.png
images.squarespace-cdn.com/content/5a4d080d6f4ca3c3a8972190/1519394373632-46DBA9P19AJPSLH46EYX/
Redirect Chain

https://static1.squarespace.com/static/5a4d080d6f4ca3c3a8972190/t/5a901e4508522995fe0aa7c3/1619464723142/?format=1500w
https://images.squarespace-cdn.com/content/5a4d080d6f4ca3c3a8972190/1519394373632-46DBA9P19AJPSLH46EYX/Website+Logo.png?format=1500w&content-type=image%2Fpng

40 KB
40 KB

152ms
45ms

Image
image/png

151.101.112.238
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.squarespace-cdn.com/content/5a4d080d6f4ca3c3a8972190/1519394373632-46DBA9P19AJPSLH46EYX/Website+Logo.png?format=1500w&content-type=image%2Fpng
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.112.238 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 115d1b7feef2c0443e6006087afd3e751365154d033f08a9b034f8e6c767b9bd

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
via: 1.1 google, 1.1 varnish, 1.1 varnish
age: 440536
x-cache: HIT, HIT
content-length: 40670
x-served-by: cache-bwi5180-BWI, cache-hhn4057-HHN
x-timer: S1620133848.051418,VS0,VE1
tracepoint: Fastly
etag: CPuq4uDcxesCEAE=
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

Redirect headers

pragma: cache
strict-transport-security: max-age=43200
x-content-type-options: nosniff
server: Squarespace
x-contextid: M1n2Mkd9/Pj677EL1
access-control-allow-origin: *
date: Tue, 04 May 2021 13:10:47 GMT
vary: "Accept-Encoding"
content-type: image/png
location: https://images.squarespace-cdn.com/content/5a4d080d6f4ca3c3a8972190/1519394373632-46DBA9P19AJPSLH46EYX/Website+Logo.png?format=1500w&content-type=image%2Fpng
access-control-expose-headers: Content-Length, Timing-Allow-Origin
cache-control: public, max-age=604770
timing-allow-origin: *, *
content-length: 0
tracepoint: "Akamai"

GET
H2 200 site-bundle.js Show response
static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/344/scripts/ 132 KB
42 KB 97ms
49ms Script
application/javascript 104.111.240.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.squarespace.com/static/ta/55f0a9b0e4b0f3eb70352f6d/344/scripts/site-bundle.js

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.240.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-240-195.deploy.static.akamaitechnologies.com

Software

Squarespace /

Resource Hash

bbb4eb0d71ed047255ad98b64ced9d5774773f06d9ad9cf665034b85211636e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
strict-transport-security: max-age=0
content-encoding: gzip
x-content-type-options: nosniff
server: Squarespace
x-contextid: LpkLtCXY/SlnnbsKF
date: Tue, 04 May 2021 13:10:45 GMT
vary: Accept-Encoding, "Accept-Encoding"
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=91289645
accept-ranges: bytes
timing-allow-origin: *
content-length: 42351
tracepoint: "Akamai"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 125 KB
45 KB 49ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6DJPZ8

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d7c1cd1a26f46c443072081453557ae1d820488d1417bbd6184b4e55dc114f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45910
x-xss-protection: 0
last-modified: Tue, 04 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 04 May 2021 13:10:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 10ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: JkBWDptGl51w4+xmiNozlRflUrfEVhnjLM6ST/mwj4n94VkI5pu60FjWG3O7Ob8LBGU99GkNQE0cIPxx+GZMIA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 13:10:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ui-icons.svg
www.onechancemedia.com/assets/ 8 KB
8 KB 188ms
187ms Other
image/svg+xml 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onechancemedia.com/assets/ui-icons.svg

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

:path: /assets/ui-icons.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.onechancemedia.com
referer: https://www.onechancemedia.com/general-virtual
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.onechancemedia.com/general-virtual
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: cache
date: Mon, 26 Apr 2021 19:45:35 GMT
x-content-type-options: nosniff
server: Squarespace
cache-control: public, max-age=94608000
age: 667512
etag: W/"31da23e7db97e8842cb568ee4a3e47b6"
strict-transport-security: max-age=43200
content-type: image/svg+xml
access-control-allow-origin: *
x-contextid: wOH3STRq/5hdNgiRW
set-cookie: crumb=BVhPt38ewPADYzJkMjBlNWNkOTdlMTcxN2Q0ODAwYzU1M2YyYmIw;Path=/
accept-ranges: bytes
content-length: 8459
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed
docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/ Frame 1A1F 5 MB
496 KB 1038ms
1000ms Document
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-XejHY73raFNM2ZoMg2wlpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: docs.google.com
:scheme: https
:path: /presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onechancemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onechancemedia.com/

Response headers

content-type: text/html; charset=utf-8
x-robots-tag: noindex, nofollow, nosnippet
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-XejHY73raFNM2ZoMg2wlpw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: NID=214=ZfdAsbMNFx9AYhlvFIFB08jVZvAVdbXk1jjZhhUggEIq5VI1EKFGko-pP9JWzQCn_APBFTLv5igXNRtu2puc5dW1ik_08LHI3af9jIfJefUxKkY7VQVkDGqu6TjYaywhxYQLGZI1Bke4FkhEHbTTetXwiLTLGLcc24eIHsgmNFI; expires=Wed, 03-Nov-2021 13:10:47 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none S=apps-presentations=nIsrLonYIFFr-aQIMj25abXVu63AmmBKFncJ3kjaamE; Domain=.docs.google.com; Expires=Tue, 04-May-2021 14:10:48 GMT; Path=/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj; Secure; HttpOnly; Priority=LOW; SameSite=none GFE_RTT=983; Domain=.docs.google.com; Expires=Tue, 04-May-2021 13:15:48 GMT; Path=/; Secure; Priority=LOW; SameSite=strict
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.onechancemedia.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 46716
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 04 May 2022 00:12:11 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.onechancemedia.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 04:23:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 204444
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
expires: Mon, 02 May 2022 04:23:23 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;700&family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.onechancemedia.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 473235
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 29 Apr 2022 01:43:32 GMT

POST
H2 200 RecordHit Show response
www.onechancemedia.com/api/census/ 17 B
322 B 176ms
176ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.onechancemedia.com/api/census/RecordHit

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-4f20c6f208f38f1dc925d-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),

Reverse DNS

Software

Squarespace /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://www.onechancemedia.com
accept-encoding: gzip, deflate, br
x-csrf-token: BVhPt38ewPADYzJkMjBlNWNkOTdlMTcxN2Q0ODAwYzU1M2YyYmIw
accept-language: en-US
sec-fetch-dest: empty
cookie: crumb=BVhPt38ewPADYzJkMjBlNWNkOTdlMTcxN2Q0ODAwYzU1M2YyYmIw; ss_cvr=8ebf623f-66cb-4275-9547-fa7ca7c1d6ff|1620133847776|1620133847776|1620133847776|1; ss_cvt=1620133847776
content-length: 850
:path: /api/census/RecordHit
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/plain, */*
cache-control: no-cache
:authority: www.onechancemedia.com
referer: https://www.onechancemedia.com/general-virtual
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/plain, */*
Referer: https://www.onechancemedia.com/general-virtual
X-CSRF-Token: BVhPt38ewPADYzJkMjBlNWNkOTdlMTcxN2Q0ODAwYzU1M2YyYmIw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
x-content-type-options: nosniff
server: Squarespace
strict-transport-security: max-age=43200
content-type: application/json;charset=utf-8
x-contextid: wOH3STRq/755Vl0ot
set-cookie: ss_cid=5627efa7-3405-4854-9f17-a54ac42571df; Path=/; Expires=Thu, 04-May-2023 13:10:47 GMT; Max-Age=63072000 ss_cvisit=1620133847927; Path=/; Expires=Tue, 04-May-2021 13:40:47 GMT; Max-Age=1800 ss_cpvisit=1620133847927; Path=/; Expires=Thu, 04-May-2023 13:10:47 GMT; Max-Age=63072000
content-length: 17
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 settings Show response
www.onechancemedia.com/api/1/performance/ 3 KB
519 B 176ms
174ms XHR
application/json 198.49.23.144
SQUARESPACE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onechancemedia.com/api/1/performance/settings
Requested by: Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software: Squarespace /
Resource Hash: 51cc1f0972be78ac52d10068a8ff6cda181704dadaa46030050dae0bf48a028f

Request headers

:path: /api/1/performance/settings
pragma: no-cache
cookie: crumb=BVhPt38ewPADYzJkMjBlNWNkOTdlMTcxN2Q0ODAwYzU1M2YyYmIw; ss_cvr=8ebf623f-66cb-4275-9547-fa7ca7c1d6ff|1620133847776|1620133847776|1620133847776|1; ss_cvt=1620133847776
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.onechancemedia.com
referer: https://www.onechancemedia.com/general-virtual
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.onechancemedia.com/general-virtual
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
server: Squarespace
x-contextid: wOH3STRq/DPV6ck4f
content-length: 417
vary: Accept-Encoding, User-Agent
content-type: application/json

GET
H2 200 l
use.typekit.net/af/db90e9/00000000000000007735a57d/30/ 14 KB
14 KB 25ms
23ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/db90e9/00000000000000007735a57d/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5bfc2a9ca22320bf23822c5c5a95a29c85fc1dc325cd727e1893924cd352b4e4

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
server: nginx
etag: "9ecd413da346c9e0b4ecba784271423397581f2b"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14332

GET
H2 200 l
use.typekit.net/af/49d57b/00000000000000007735a578/30/ 15 KB
15 KB 24ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/49d57b/00000000000000007735a578/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: be2ec10abf59c11e5f8ec950a3f93e63a19d63034fa64c7d53610bbe48ea5461

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
server: nginx
etag: "01fc64883255b11c85ad34a3a8bd03b61f41c81e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 15072

GET
H2 200 l
use.typekit.net/af/3058a4/0000000000000000773599a9/30/ 22 KB
23 KB 31ms
30ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3058a4/0000000000000000773599a9/30/l?subset_id=2&fvd=n5&v=3
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
server: nginx
etag: "7c5a55cb7220fe344b11a91cdde97f107e1e0127"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23004

GET
H2 200 l
use.typekit.net/af/e019e3/000000000000000077359df9/30/ 21 KB
21 KB 46ms
45ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e019e3/000000000000000077359df9/30/l?subset_id=2&fvd=n4&v=3
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9cd34d28c16f84b5992d5dfa633934d20560ff2f8d05ac9df4649d2180520f99

Request headers

Origin: https://www.onechancemedia.com
Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
server: nginx
etag: "82f7a57a050de35674354ea93c31ff1800f67717"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21228

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/ 223 KB
82 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6137211868526557&plah=www.onechancemedia.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84200
x-xss-protection: 0
server: cafe
etag: 1635929098252524918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 13:10:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/ Frame 51E3 10 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210429/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210429/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onechancemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onechancemedia.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 04 May 2021 02:53:05 GMT
expires: Tue, 18 May 2021 02:53:05 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 37063
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 166454350677681 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 67ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/166454350677681?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f555b1c1551c693503713c84fcafc3d70b24ec3b1a448f9263dd854ae47503f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: NucKmVYhkYa6m/fwcp+uoro8/ONyntp2D9z+M/za9daJUsV3JkNpRxizDo1xJ1Qe0W+2kG88+9LNyRt9Ed6Nmg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 04 May 2021 13:10:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 8ms
8ms Image
image/gif 2a02:26f0:6c00:2ae::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=2&k=646866_5a4d080d6f4ca3c3a8972190&ht=tk&h=www.onechancemedia.com&f=24407.24406.5310.10328&a=646866&js=1.20.0&app=typekit&e=js&_=1620133848310
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 48ms
40ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DJPZ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5413
date: Tue, 04 May 2021 11:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 04 May 2021 13:40:35 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 24ms
10ms Script
application/x-javascript 2a02:26f0:6c00:28c::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DJPZ8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28c::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 04 May 2021 13:10:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=57871
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 34ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DJPZ8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 17:21:02 GMT
x-msedge-ref: Ref A: 5C8C475324604D6C9B8C2C9E088BD5F7 Ref B: FRAEDGE1415 Ref C: 2021-05-04T13:10:48Z
etag: "0d398608930d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8910

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 83ms
78ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6DJPZ8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c322060c87967c74e8e1469862cab247ad7aa0c66e35918333904a125edcf3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13927
x-xss-protection: 0
server: cafe
etag: 12538688089800269211
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 04 May 2021 13:10:48 GMT

GET
H2 200 hotjar-1086926.js Show response
static.hotjar.com/c/ 3 KB
2 KB 199ms
65ms Script
application/javascript 65.9.84.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1086926.js?sv=6

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

189bf0d13188ef6d739ca5e596bc229cf2c3818b489fae40126e99284e4990cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: AMS1-C1
etag: W/3f2a9e9dd8e65ab52cd0f8b55826e2c0
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1540
via: 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront)
x-amz-cf-id: nYVH9BABjUd7FiXLBA_YtcVWZvypis97-Fe8m__GNGNCbEWfFb9wHA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
644 B 295ms
98ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.onechancemedia.com&callback=_gfp_s_&client=ca-pub-6137211868526557

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210429/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6137211868526557&plah=www.onechancemedia.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

54a7520fbc9c80ac9cf378f3b283542c97d2992bd050cf6610d1228baebed619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 40ms
23ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.onechancemedia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 38ms
22ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.onechancemedia.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5CE1 54 B
236 B 77ms
76ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6137211868526557&output=html&adk=2411416291&adf=3730824246&lmt=1620133848&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620133848116&bpp=49&bdt=3744&idt=469&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6191929213331&frm=20&pv=2&ga_vid=1635165568.1620133849&ga_sid=1620133849&ga_hid=1658928835&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=889551179412946&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=586

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6137211868526557&output=html&adk=2411416291&adf=3730824246&lmt=1620133848&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1620133848116&bpp=49&bdt=3744&idt=469&shv=r20210429&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6191929213331&frm=20&pv=2&ga_vid=1635165568.1620133849&ga_sid=1620133849&ga_hid=1658928835&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060956&oid=3&pvsid=889551179412946&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=586
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onechancemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onechancemedia.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 04 May 2021 13:10:48 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 04-May-2021 13:25:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 04 May 2021 13:10:48 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 65ms
24ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620056503243602"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Tue, 04 May 2021 13:10:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=166454350677681&ev=PageView&dl=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&rl=&if=false&ts=1620133848836&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620133848829.1154635154&it=1620133848206&coo=false&exp=l0&rqm=GET

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 04 May 2021 13:10:48 GMT

GET
H3-29 200 error
connect.facebook.net//log/ 0
0 54ms
53ms Image
text/html 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect.facebook.net//log/error?p=pixel&v=2.9.39&e=Error%3A%20Duplicate%20Pixel%20ID%3A%20166454350677681.&s=Error%3A%20Duplicate%20Pixel%20ID%3A%20166454350677681.%0A%20%20%20%20at%20E%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A40341)%0A%20%20%20%20at%20Function.Y%20%5Bas%20init%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A7728)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A3530)%0A%20%20%20%20at%20qa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10439)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10475%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A29777%0A%20%20%20%20at%20v%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A65495)%0A%20%20%20%20at%20each%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A67031)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A29740)%0A%20%20%20%20at%20a.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A30148)&ue=1&rs=stable&rqm=FGET
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
26ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1658928835&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&ul=en-us&de=UTF-8&dt=General%20Virtual%20-%20One%20Chance%20Media&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1753425350&gjid=995130801&cid=1635165568.1620133849&tid=UA-81025989-1&_gid=155267292.1620133849&_r=1&gtm=2wg4l3K6DJPZ8&z=2013488313

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onechancemedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D436020%26time%3D1620133849113%26url%3Dhttps%253A%252F%252Fwww.onechancemedia.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true&e_ipv6=AQIoXai-PKUc0wAAAXk3gKrLzFUxwU9LonqbrxVRy...

0
63 B

191ms
185ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true&e_ipv6=AQIoXai-PKUc0wAAAXk3gKrLzFUxwU9LonqbrxVRyOsrtfkoeZmtFRVpWGSEQhzVl2juONWl
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: Uzh2eiffexYQkhD7VisAAA==

Redirect headers

date: Tue, 04 May 2021 13:10:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=436020&time=1620133849113&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&liSync=true&e_ipv6=AQIoXai-PKUc0wAAAXk3gKrLzFUxwU9LonqbrxVRyOsrtfkoeZmtFRVpWGSEQhzVl2juONWl
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: ELTiDCffexawJE/BNSsAAA==

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 1A1F 0
0

GET
H3-29 200 1965774006-viewer_css_ltr.css
docs.google.com/static/presentation/client/css/ Frame 1A1F 268 KB
40 KB 53ms
12ms Stylesheet
text/css 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/css/1965774006-viewer_css_ltr.css

Requested by

Host: docs.google.com
URL: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2409f1fa5cdbff7dc71ca2fb0b7dd034aec29f38642c418f97bccf18bf3f71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 13:37:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 12:55:38 GMT
server: sffe
age: 603204
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41343
x-xss-protection: 0
expires: Wed, 27 Apr 2022 13:37:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1A1F 2 KB
613 B 312ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 May 2021 12:07:16 GMT
server: ESF
date: Tue, 04 May 2021 13:10:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 May 2021 13:10:49 GMT

GET
H3-29 200 2899871283-viewer_core__de.js Show response
docs.google.com/static/presentation/client/js/ Frame 1A1F 804 KB
275 KB 61ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644424ae8313bebeafe6c00fd2adbf60484b4b30200fa0ac94ada093ba0abc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 12:55:38 GMT
server: sffe
age: 597708
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281312
x-xss-protection: 0
expires: Wed, 27 Apr 2022 15:09:01 GMT

GET
H2 204 25016053 Show response
bat.bing.com/p/action/ 0
115 B 100ms
30ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/25016053
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 May 2021 13:10:48 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: F26D8B33BC23496CA69972421135F4E1 Ref B: FRAEDGE1415 Ref C: 2021-05-04T13:10:49Z
x-powered-by: ARR/3.0

GET
H2 204 0
bat.bing.com/action/ 0
190 B 54ms
41ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=25016053&tm=gtm001&Ver=2&mid=7153fe71-77b2-4369-9b82-904ae0f92286&sid=253b3bf0acda11ebab685dbd2483999f&vid=2547d460acda11ebbc1aed7005e34df1&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=General%20Virtual%20-%20One%20Chance%20Media&p=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&r=&lt=4986&evt=pageLoad&msclkid=N&sv=1&rn=213705
Requested by: Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 04 May 2021 13:10:48 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 0D7BFE42F94D4388BAE1A6CC23ED900A Ref B: FRAEDGE1415 Ref C: 2021-05-04T13:10:49Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/980954548/ 2 KB
1 KB 37ms
33ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/980954548/?random=1620133849338&cv=9&fst=1620133849338&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&tiba=General%20Virtual%20-%20One%20Chance%20Media&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e1add72cb97edb70fc41f0b41b5e8a19a722bda2e67cdb4b37fadc047127294

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1027
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.7225c79fe4e29708c611.js Show response
script.hotjar.com/ 219 KB
58 KB 194ms
60ms Script
application/javascript 65.9.84.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.7225c79fe4e29708c611.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1086926.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.84.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 11:17:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6822
x-cache: Hit from cloudfront
content-length: 59087
access-control-allow-origin: *
last-modified: Tue, 04 May 2021 11:17:02 GMT
etag: "5a825663eb0181940c9c8432508f6197"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=30758400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -Vos9_ThiuGCB65eGDxrq6IJvXced4PYAT0GfqZ4rRGx_1ksTNCBpg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 28ms
25ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-81025989-1&cid=1635165568.1620133849&jid=1753425350&gjid=995130801&_gid=155267292.1620133849&_u=YAhAAEAAAAAAAC~&z=1673586015

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 04 May 2021 13:10:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.onechancemedia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
77 B 7ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryTesslwaKOOL5beWc

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 04 May 2021 13:10:49 GMT
content-type: text/plain
access-control-allow-origin: https://www.onechancemedia.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
35ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-81025989-1&cid=1635165568.1620133849&jid=1753425350&_u=YAhAAEAAAAAAAC~&z=1678079096

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
31ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-81025989-1&cid=1635165568.1620133849&jid=1753425350&_u=YAhAAEAAAAAAAC~&z=1678079096

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e3cec51ed8e99df6977c199d27812d7.html Show response
vars.hotjar.com/ Frame F2C3 1 KB
1 KB 148ms
30ms Document
text/html 65.9.84.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1086926.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.84.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-5e3cec51ed8e99df6977c199d27812d7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onechancemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onechancemedia.com/

Response headers

content-type: text/html
content-length: 684
date: Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "4e332edbbc3b46800c87f197cc7d3bb6"
last-modified: Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 05ec74146f636de45e985d09f62976dd.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: nK_2W_npJpR74aoDFOPlYow2j1WJpVT6ldK_Dc4kwapKMfOx54ytlQ==
age: 3013218

POST
H2 200 log Show response
play.google.com/ Frame 1A1F 131 B
637 B 104ms
71ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 04 May 2021 13:10:50 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 04 May 2021 13:10:50 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/ Frame 1A1F 0
438 B 165ms
141ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/naLogImpressions?id=e%2F2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj&includes_info_params=1

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-SQIi6QfZpXfQoS1Oam3Vkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:50 GMT
server: GSE
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-SQIi6QfZpXfQoS1Oam3Vkg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 punchviewer_material_sprite7_grey_medium.svg
ssl.gstatic.com/docs/presentations/images/ Frame 1A1F 5 KB
2 KB 62ms
6ms Image
image/svg+xml 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite7_grey_medium.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/1965774006-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f96ceb0b2fedc45fd82e2765edf236d976259f8e5df897128af7439d198b3870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 10:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Dec 2020 20:15:00 GMT
server: sffe
age: 356235
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1903
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:35 GMT

GET
H2 200 punchviewer_material_sprite7_grey_dark.svg
ssl.gstatic.com/docs/presentations/images/ Frame 1A1F 5 KB
2 KB 75ms
19ms Image
image/svg+xml 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/presentations/images/punchviewer_material_sprite7_grey_dark.svg

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/css/1965774006-viewer_css_ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c258d019c21c2d92d7cc4527d22884c38da183ba158dc984183acdc48b3917f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 21:17:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Dec 2020 20:15:00 GMT
server: sffe
age: 489193
vary: Accept-Encoding, Origin
content-type: image/svg+xml
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1902
x-xss-protection: 0
expires: Thu, 28 Apr 2022 21:17:37 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ Frame 1A1F 21 KB
21 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
age: 472068
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:02 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A1F 15 KB
15 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 21:46:00 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 573890
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Wed, 27 Apr 2022 21:46:00 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1A1F 15 KB
15 KB 26ms
21ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://docs.google.com
Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 22:46:40 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 397451
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Fri, 29 Apr 2022 22:46:40 GMT

GET
H2 200 YlIqoRkmvrdKzMJGukMfd8NlB_2XFL4HD8b4oGRPIyorjP7OWxMlitLZ6SisixQ5AExCvak7SgPaY94Mc5-VFO5-zPVan0CQeR38kSny102PC7XmLCo0KyQ5MX77nkM2As0A
lh3.googleusercontent.com/ Frame 1A1F 60 KB
60 KB 756ms
710ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YlIqoRkmvrdKzMJGukMfd8NlB_2XFL4HD8b4oGRPIyorjP7OWxMlitLZ6SisixQ5AExCvak7SgPaY94Mc5-VFO5-zPVan0CQeR38kSny102PC7XmLCo0KyQ5MX77nkM2As0A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d77b7617cae35b7e354ca4a3be0f007fa19cb721a8013686a15707706065cfe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="OCM Color Logo on White.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61513
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H2 200 ZAM_-th5mcBwsjD7e1OcHv7J-P2s7OnkyiArYKyBuAmOYDa1OSa6io0TpGifAeOfDQZunwDXm0FJvoUJimORfGEtRGhT8Ab9-JPkAjPNq1p2khParxt62QOdMLY-BSAd10kl
lh6.googleusercontent.com/ Frame 1A1F 734 KB
735 KB 759ms
660ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/ZAM_-th5mcBwsjD7e1OcHv7J-P2s7OnkyiArYKyBuAmOYDa1OSa6io0TpGifAeOfDQZunwDXm0FJvoUJimORfGEtRGhT8Ab9-JPkAjPNq1p2khParxt62QOdMLY-BSAd10kl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca9392001e729d3ebe6add414a9002e3804b4b1ba6ff0aab1af3b6df9d98fde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 751679
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H2 200 CVVEDDFOltoHlKLzZGa741IFHN7-5apRhgKx0kbbffJ0iC2--H1qo90u3Z_PkAvN63j3vgMJF8jYmKy-NRMKnwYAgf8VLlWjNOWUxIXWPECBz3rsfkTUCy8zkVR_nLSKZBb8
lh4.googleusercontent.com/ Frame 1A1F 9 MB
9 MB 3172ms
3060ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/CVVEDDFOltoHlKLzZGa741IFHN7-5apRhgKx0kbbffJ0iC2--H1qo90u3Z_PkAvN63j3vgMJF8jYmKy-NRMKnwYAgf8VLlWjNOWUxIXWPECBz3rsfkTUCy8zkVR_nLSKZBb8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

da225fc26f5a52f4e104fdd89aecc83e8bcafe8ee6429d914fb89db24a36eeea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ezgif.com-optimize (44).gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9153028
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:54 GMT

GET
H2 200 mPjxyYWK7fRX-HkQsov7jHqYsVtWy-mvt9Z0lsTqo7zzIGiKRQMiAugUchrt-O_mGFwFGDMlNkoZhznQ5RnIK_njJGAmCCJ7xNQSvOomR2HwmicEUvRjpIx7Q6aKdCpkUPud
lh6.googleusercontent.com/ Frame 1A1F 30 KB
31 KB 647ms
548ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/mPjxyYWK7fRX-HkQsov7jHqYsVtWy-mvt9Z0lsTqo7zzIGiKRQMiAugUchrt-O_mGFwFGDMlNkoZhznQ5RnIK_njJGAmCCJ7xNQSvOomR2HwmicEUvRjpIx7Q6aKdCpkUPud

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bef77036fe6afb645507d636891444dbc574ee6602282f06287420d9fc459933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="qr-code.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H2 200 _xuqL-Z6n5VIvcWzoLu9sxMK_mplyWDLhtLKoMS1qk4Ouvcv8cOWimnBDqEM_NRw62Jq8_yhXHjB0JGPW9wAv_M5N9Pu3V1JP7n0fsOMmdNh3QQ5079a9GCKhaL2T2Ae039L
lh6.googleusercontent.com/ Frame 1A1F 179 KB
179 KB 1103ms
1005ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/_xuqL-Z6n5VIvcWzoLu9sxMK_mplyWDLhtLKoMS1qk4Ouvcv8cOWimnBDqEM_NRw62Jq8_yhXHjB0JGPW9wAv_M5N9Pu3V1JP7n0fsOMmdNh3QQ5079a9GCKhaL2T2Ae039L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e5ada096d6d39bc58dd1a911c3df704bb11980ed6a89d2d1ac32987b8cca90d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ezgif.com-gif-maker (26).gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 183110
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 qVxqEPHbXxJ-AF70YAH0p06pyR5-v24LirClrHd6Ja5Zm9H_Ac5SumBHgTnHK-oRogKWUW7_lSW9A3ea_G4i8gqXSjXzz9eZzxJYTWMbeu5VrxfxTq6JzJYj8Tilffdhs88b
lh5.googleusercontent.com/ Frame 1A1F 395 KB
395 KB 891ms
794ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/qVxqEPHbXxJ-AF70YAH0p06pyR5-v24LirClrHd6Ja5Zm9H_Ac5SumBHgTnHK-oRogKWUW7_lSW9A3ea_G4i8gqXSjXzz9eZzxJYTWMbeu5VrxfxTq6JzJYj8Tilffdhs88b

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b075d83226649112a3bada043b1b77808d5c49947c118e30dd1171160737c519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="quiz.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 404053
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 gMrba6yMRJ2ouRcFp-IIKDzoC-dwHCLrL3ZX0OPN5eNaACZWl2OIY2y-Ul049jXU2eJzYPEKGJxymrCUYdLa5Dzbc8a_vVt7DFSpDhpSJ5ekKCETfXlhbnymFlETg29Gz-gg
lh5.googleusercontent.com/ Frame 1A1F 650 KB
651 KB 1630ms
1533ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/gMrba6yMRJ2ouRcFp-IIKDzoC-dwHCLrL3ZX0OPN5eNaACZWl2OIY2y-Ul049jXU2eJzYPEKGJxymrCUYdLa5Dzbc8a_vVt7DFSpDhpSJ5ekKCETfXlhbnymFlETg29Gz-gg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

dc8ea772208428889ace16e338938b317f016b1dce4d6ee37109a8e5716b70e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG-4275.PNG"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665712
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 oE4579QNs_a4EAIj1e00iwtjQiP-jYQ4GQs_r3gxrRGU_bBA3129GaYjiVZhV0Dw-oYp2Oh9L8JOIsGg1snSLUDjZkHJcOTZ8k6pv5Expo7klXyArXOlhZW1tfJsuuoabUYJ
lh4.googleusercontent.com/ Frame 1A1F 36 KB
37 KB 480ms
369ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/oE4579QNs_a4EAIj1e00iwtjQiP-jYQ4GQs_r3gxrRGU_bBA3129GaYjiVZhV0Dw-oYp2Oh9L8JOIsGg1snSLUDjZkHJcOTZ8k6pv5Expo7klXyArXOlhZW1tfJsuuoabUYJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

955459d5f1ff17aa1cca7fcc0f7243b8a96fcd53f306958f9dc6edff93f894ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image25.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37221
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H2 200 urse0mxy1_3e_7chWL9nU08Sa_fJMD3CrpQg6fiQ3JJcdBuPpgm9HQJQI6EpCwD5XkJSsLL2nVYauHQ8GXfzSH-edSyp6mkuQXb12nxBXHTcAbfygO27k4LiUH89RhBfNeJj
lh5.googleusercontent.com/ Frame 1A1F 253 KB
253 KB 866ms
770ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/urse0mxy1_3e_7chWL9nU08Sa_fJMD3CrpQg6fiQ3JJcdBuPpgm9HQJQI6EpCwD5XkJSsLL2nVYauHQ8GXfzSH-edSyp6mkuQXb12nxBXHTcAbfygO27k4LiUH89RhBfNeJj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4a76a6b70e49f7c5a4a7857635706661cdbd51a771eebde00720b9331879f4d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digital frame.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258696
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 wInHEAGg1vo7Q6n2Sz7gl1CgJmkr9FbWZldohGxwY3bSKSWLw4omlPrGQi7sanaXZ_yQrHslFb7m7VwumGRGhxP4nTrfCYsxDdaA3ND0y0WKjcRQf2uV3RHNyohFoO_g2stK
lh6.googleusercontent.com/ Frame 1A1F 215 KB
215 KB 931ms
834ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/wInHEAGg1vo7Q6n2Sz7gl1CgJmkr9FbWZldohGxwY3bSKSWLw4omlPrGQi7sanaXZ_yQrHslFb7m7VwumGRGhxP4nTrfCYsxDdaA3ND0y0WKjcRQf2uV3RHNyohFoO_g2stK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

91d05368279ec33c829a27b05b24dd96cb1c9a114c9ce915673bea3a0eac67d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="randomizer.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220117
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 PwWeHdxMSSun3zCUocA7ryQmTU2hs5GFqzuUcJWkx_NTlppAKpbmThrc6WBXKLMEJhT7NxaMVdTNA-UteeczKByPFdbsk-HxdsoLfkgzqK6VGQ2PAphE3zkejuYx7Px343Us
lh3.googleusercontent.com/ Frame 1A1F 255 KB
255 KB 750ms
498ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PwWeHdxMSSun3zCUocA7ryQmTU2hs5GFqzuUcJWkx_NTlppAKpbmThrc6WBXKLMEJhT7NxaMVdTNA-UteeczKByPFdbsk-HxdsoLfkgzqK6VGQ2PAphE3zkejuYx7Px343Us

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6c0ed253bd5e41383768fa400538ca7bbe31db5d1cfb93fb3729e0f161cdb44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="digitalprop.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260611
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 YYY5-T-bQvO6pSU6qKforC9-JzJ9zuXndFRwoY4myigOOJsrn1g5mP2J1sDwbPT4Sw4t0M7WIQMn9XgSdPquEWtxIatFI__J_0bw9w_7z01eZDqget09ix4j2MBI3U2hqSH5
lh4.googleusercontent.com/ Frame 1A1F 6 MB
6 MB 21318ms
21066ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/YYY5-T-bQvO6pSU6qKforC9-JzJ9zuXndFRwoY4myigOOJsrn1g5mP2J1sDwbPT4Sw4t0M7WIQMn9XgSdPquEWtxIatFI__J_0bw9w_7z01eZDqget09ix4j2MBI3U2hqSH5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e50086e9c39174ee3e70607cae7664b033e24c114034eb8d8e5756bcb5c9dd39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:11:13 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Store-Website.gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6061366
x-xss-protection: 0
expires: Wed, 05 May 2021 13:11:13 GMT

GET
H2 200 9M8kkFcUb4aWi_jrAmLgo_9225PCb9jyE7lhYip1IH2sM7PlOBQvGCn2c8C7aQpq6rMpxnFAByac9G5DJMlaO4fsUhxZyLZHk2BgU6G5XUHNeSY8JVbCCk2IzGFTh6vvzCkP
lh5.googleusercontent.com/ Frame 1A1F 2 MB
2 MB 1806ms
1554ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/9M8kkFcUb4aWi_jrAmLgo_9225PCb9jyE7lhYip1IH2sM7PlOBQvGCn2c8C7aQpq6rMpxnFAByac9G5DJMlaO4fsUhxZyLZHk2BgU6G5XUHNeSY8JVbCCk2IzGFTh6vvzCkP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9ee60cd4ad1d204f283cfe1b35f867922baed1a1862ad242b7db6f785e726f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Digital Caricature_Ex2.gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2015447
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:53 GMT

GET
H2 200 IVXxQHmUqvwooeaNV95f_5dGuaYrNNFvSwspWgx8WdYiOOcmFV2-tDYzrK6Ag0Ci13Rkt6C3DzO6vdl2ffLX1LrDJ1WulHc39IktSXxRJaXtbIP4_It4e-HVQ7D-y-GEkdKV
lh4.googleusercontent.com/ Frame 1A1F 734 KB
735 KB 528ms
276ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/IVXxQHmUqvwooeaNV95f_5dGuaYrNNFvSwspWgx8WdYiOOcmFV2-tDYzrK6Ag0Ci13Rkt6C3DzO6vdl2ffLX1LrDJ1WulHc39IktSXxRJaXtbIP4_It4e-HVQ7D-y-GEkdKV

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ca9392001e729d3ebe6add414a9002e3804b4b1ba6ff0aab1af3b6df9d98fde7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 751679
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 ylG5fq7PrB7vX7OavmVknwHUYMTruUpKPtubJaqz3ZSmTw4oO_4zq08-4XL7Xx2TYaxrkdeBfxCVhPnOiCmhlp4PYTUEQj9MrfhAT52JPenpj0hPTHClL67WUN18pztoCRAh
lh4.googleusercontent.com/ Frame 1A1F 180 KB
180 KB 472ms
220ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/ylG5fq7PrB7vX7OavmVknwHUYMTruUpKPtubJaqz3ZSmTw4oO_4zq08-4XL7Xx2TYaxrkdeBfxCVhPnOiCmhlp4PYTUEQj9MrfhAT52JPenpj0hPTHClL67WUN18pztoCRAh

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d1537b3232dad30ef640961ceea25dedaf5bce276b2798446c87100caee9b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="29192.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 184045
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 dkGEZPp8wRML7cIkTswOo05XFO-m6Om-cChg_Exi5rj2BI417XPaopz5tq-5YjQWaiN28EcZNTWqNssa-7eP_wmxeIFPGHOULIi_eQZAE1KsESi1W2Q-KLRBYfD4o28lD6MQ
lh5.googleusercontent.com/ Frame 1A1F 2 MB
2 MB 1602ms
1350ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/dkGEZPp8wRML7cIkTswOo05XFO-m6Om-cChg_Exi5rj2BI417XPaopz5tq-5YjQWaiN28EcZNTWqNssa-7eP_wmxeIFPGHOULIi_eQZAE1KsESi1W2Q-KLRBYfD4o28lD6MQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

953ced88ce388f9fcf252782653ead28b1963daaed31da4c300eb7dfaa8141c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:53 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ezgif.com-gif-maker (30).gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1750741
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:53 GMT

GET
H2 200 js_fNF1onDPeqdU6PEEmA5brIz2RikTsHWVHBAROT6YWMgwi5SykrFIKpvxyojUZaiZ9Q_txas_FllezlBbyZ6BQ5SeOX2f4jqozDLD7gsTtrRB7Gu3eP1qLlQv0b0F8zP6j
lh6.googleusercontent.com/ Frame 1A1F 219 KB
219 KB 882ms
577ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/js_fNF1onDPeqdU6PEEmA5brIz2RikTsHWVHBAROT6YWMgwi5SykrFIKpvxyojUZaiZ9Q_txas_FllezlBbyZ6BQ5SeOX2f4jqozDLD7gsTtrRB7Gu3eP1qLlQv0b0F8zP6j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cd9ab925111e704441b78d0494b756f87b711aacf305c3feccff172995c1468e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="virtualphotobooth.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224162
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 85uQAXLzccJevHTTr_j4BPm0SFJCh7wigIWICNjakxPzrWm6ObjJeNF_Lt9L1muzSANdlqwp4uGRiRy-18O_g3xQEcT9lAI2OjvvJgfER5_jghvvQcQbJ3BM0FLBf1fmCADn
lh3.googleusercontent.com/ Frame 1A1F 842 KB
843 KB 1343ms
1280ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/85uQAXLzccJevHTTr_j4BPm0SFJCh7wigIWICNjakxPzrWm6ObjJeNF_Lt9L1muzSANdlqwp4uGRiRy-18O_g3xQEcT9lAI2OjvvJgfER5_jghvvQcQbJ3BM0FLBf1fmCADn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

31dd4fcf31de04b22c63abd03174bfd90d227a5f734455ace73f919aec36c5d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ezgif.com-crop (19).gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 862517
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 s_HIah2YE6bEoFqzuPwzQaYP-lT46x2UzV8PCpkiQCd5_eEKhDE8gi2HOCfKjXNdNkH4XIa07rPb4HGLqhe1g0wirdoLaSq5LdlZansUonwWz2yWQV1Bylfe6b2daS_TNWj6
lh4.googleusercontent.com/ Frame 1A1F 77 KB
77 KB 719ms
467ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/s_HIah2YE6bEoFqzuPwzQaYP-lT46x2UzV8PCpkiQCd5_eEKhDE8gi2HOCfKjXNdNkH4XIa07rPb4HGLqhe1g0wirdoLaSq5LdlZansUonwWz2yWQV1Bylfe6b2daS_TNWj6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

52a6e95f69dc8aaadcac964b2f94e553df53f5ef07d5bea28c29d955dc1619ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="qr-code (1).png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78937
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 lQbqA1R6Ru1D2uwjb9k33g3OXlOBGYxZfC9cU4nLNzyKQbkKSi05CtVergSaaBEkvH-V1KXIrP8fkwo-CroKbV1pi5NK0ZTZz5OF6Q-A5Czh-9vNWZjIIFm-p4567rd4amLj
lh5.googleusercontent.com/ Frame 1A1F 617 KB
618 KB 978ms
931ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/lQbqA1R6Ru1D2uwjb9k33g3OXlOBGYxZfC9cU4nLNzyKQbkKSi05CtVergSaaBEkvH-V1KXIrP8fkwo-CroKbV1pi5NK0ZTZz5OF6Q-A5Czh-9vNWZjIIFm-p4567rd4amLj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c5a2471bfe92789640ea086b7d2cc4b8f5cfb36f158716600d576e349708411c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="pasted image 0.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 632217
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 58tJzaoA7CUKb0fyiyUFBmhaKEv3y5J0HCqsBWUWhKCmW17gX_L9Xk2kF92yaa3rBNYlnTI3HhnWqxgEajKxMh0DvufO8j8JQlPyCGI2JlMFeehkJbnixIxHG0rm8G8z5Ca-
lh4.googleusercontent.com/ Frame 1A1F 10 MB
10 MB 5100ms
4848ms Image
image/gif 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/58tJzaoA7CUKb0fyiyUFBmhaKEv3y5J0HCqsBWUWhKCmW17gX_L9Xk2kF92yaa3rBNYlnTI3HhnWqxgEajKxMh0DvufO8j8JQlPyCGI2JlMFeehkJbnixIxHG0rm8G8z5Ca-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

04d5b63a6ef1294bd36c36af58c01ff21cfcd39948d0cd3149718a9cabeebed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:56 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="ezgif.com-optimize (66).gif"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10684303
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:56 GMT

GET
H2 200 hi_pKuQSBhpQqtZQwvrRmZPapiA48D0qr9DYQXjnMS776rTYBbdTstJAnVVudWrb-_lEGivj08JY-q3E8wrn7OI6Nip8_GtwWF5tb9Hn5k7LG1u7Bd26_wgZqWLoBMCVmoYL
lh3.googleusercontent.com/ Frame 1A1F 73 KB
73 KB 433ms
387ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/hi_pKuQSBhpQqtZQwvrRmZPapiA48D0qr9DYQXjnMS776rTYBbdTstJAnVVudWrb-_lEGivj08JY-q3E8wrn7OI6Nip8_GtwWF5tb9Hn5k7LG1u7Bd26_wgZqWLoBMCVmoYL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f6dc7fe9b246072544eb49eff135d606c4682ada4b434bc85af556a7fdffdddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="13757.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74720
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H3-29 200 9RDr_1pxFhCngPLcSE16Dznix85LUDScHcz9rDB8GH0OotyZosD8vqshIofWHnlDT7Fn2vmRtaIZMyYPUjaNKMHvow8lAuOlRV-qNkABuwVMtle5iR4aYEKibbf2t876x1_z
lh4.googleusercontent.com/ Frame 1A1F 36 KB
36 KB 753ms
431ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/9RDr_1pxFhCngPLcSE16Dznix85LUDScHcz9rDB8GH0OotyZosD8vqshIofWHnlDT7Fn2vmRtaIZMyYPUjaNKMHvow8lAuOlRV-qNkABuwVMtle5iR4aYEKibbf2t876x1_z

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

955459d5f1ff17aa1cca7fcc0f7243b8a96fcd53f306958f9dc6edff93f894ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image25.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37221
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 xIKFoXINvj7h1tVwuuCKRrjaDYBBNSXQT5krRfx-vpdyU93nKA4schcnoijmjSrH5WOBtlHqB7KkBgxLIsmfU_E9bNRxe_Tmhq2sUrvj7SA6JyS61uREh6rJVynGRBGAKAO2
lh3.googleusercontent.com/ Frame 1A1F 236 KB
236 KB 760ms
725ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/xIKFoXINvj7h1tVwuuCKRrjaDYBBNSXQT5krRfx-vpdyU93nKA4schcnoijmjSrH5WOBtlHqB7KkBgxLIsmfU_E9bNRxe_Tmhq2sUrvj7SA6JyS61uREh6rJVynGRBGAKAO2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e289bca7e9cde2462f34afaccd9fbf0c37457d328f38a074ef05bb0ebdbb8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG-4455.PNG"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241208
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H3-29 200 1M-0-BmS9PyaywZ9pRQMH0sWBiekNN3lA2VaT5-xUbeCM2yj0X3Ng1AMLOIC3gCWuge_7O2z_Jklyf_r5oibwDqsxsNGO8Mg4rS6oktkApLgqVttZzjLhXrKoc60EPUNpKcz
lh4.googleusercontent.com/ Frame 1A1F 74 KB
74 KB 834ms
512ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/1M-0-BmS9PyaywZ9pRQMH0sWBiekNN3lA2VaT5-xUbeCM2yj0X3Ng1AMLOIC3gCWuge_7O2z_Jklyf_r5oibwDqsxsNGO8Mg4rS6oktkApLgqVttZzjLhXrKoc60EPUNpKcz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d1dbb9461d9559bd710cca12db8233b6be1df2a3e51efefab36aaf71adc66af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="qr-code (2).png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76017
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H3-29 200 WIGmad6tzKMLnmtqUjdicrj8bPFQwKrMyR_2jyrXpj9BtTgseMzYGEI7Imv6NPlx1fw86eD2iuKfX3jqRFR0rX-SFKQ9SRcSEVE8oWqVZkrk9ExhMobh0HIZBy66ZuxZ1vy2
lh4.googleusercontent.com/ Frame 1A1F 79 KB
79 KB 716ms
394ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/WIGmad6tzKMLnmtqUjdicrj8bPFQwKrMyR_2jyrXpj9BtTgseMzYGEI7Imv6NPlx1fw86eD2iuKfX3jqRFR0rX-SFKQ9SRcSEVE8oWqVZkrk9ExhMobh0HIZBy66ZuxZ1vy2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

558be0f464610f22b91f19f0bc2d3e8dc40a7f8255a6fff284cf3010454f3cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:52 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2X2dKKh1UpMc0ktbLtOlcKj1gInW1VN1COAeg70dxi-nUMpFXZNOvFA0s9mZ3p_xwXYiYJ8tdB3WyAE=s2000.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81142
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:52 GMT

GET
H2 200 t8r22-B9kpgoQodJr5PgsVAdP7LYBaNVP6TpeirqKN7ygKtE6UrlArYqegfmzNSlEgV7YLENshwzgd_myJCv-UMRa4tZFuVCwd9UPOTCpWQXWl3HpVkNFGRx5xjH03ZajPpP
lh4.googleusercontent.com/ Frame 1A1F 92 KB
92 KB 476ms
462ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/t8r22-B9kpgoQodJr5PgsVAdP7LYBaNVP6TpeirqKN7ygKtE6UrlArYqegfmzNSlEgV7YLENshwzgd_myJCv-UMRa4tZFuVCwd9UPOTCpWQXWl3HpVkNFGRx5xjH03ZajPpP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

90e834fbee2f424b7b0775b17342e0048e6c71eafcbaf71a4f5eb90045305a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="HeadShot.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94337
x-xss-protection: 0
expires: Wed, 05 May 2021 13:10:51 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/980954548/ 42 B
64 B 64ms
53ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/980954548/?random=1620133849338&cv=9&fst=1620133200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&tiba=General%20Virtual%20-%20One%20Chance%20Media&async=1&fmt=3&is_vtc=1&random=2529550344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/980954548/ 42 B
64 B 42ms
21ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/980954548/?random=1620133849338&cv=9&fst=1620133200000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg4l3&sendb=1&frm=0&url=https%3A%2F%2Fwww.onechancemedia.com%2Fgeneral-virtual&tiba=General%20Virtual%20-%20One%20Chance%20Media&async=1&fmt=3&is_vtc=1&random=2529550344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.onechancemedia.com
URL: https://www.onechancemedia.com/general-virtual

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 netcheck.gif
ssl.gstatic.com/docs/common/ Frame 1A1F 43 B
63 B 50ms
17ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/docs/common/netcheck.gif?zx=b4cmd2q5t3kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 2240088325-viewer_help__de.js Show response
docs.google.com/static/presentation/client/js/ Frame 1A1F 50 KB
18 KB 232ms
115ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.google.com/static/presentation/client/js/2240088325-viewer_help__de.js

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e312bf5380a289506c7c2c42abc08772cf2059dfa16ab8e6b082f433c49cb1e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000&slide=id.ga5870a3403_0_0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 15:09:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 12:55:38 GMT
server: sffe
age: 597711
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18204
x-xss-protection: 0
expires: Wed, 27 Apr 2022 15:09:01 GMT

GET
H3-29 200 search-white.png
ssl.gstatic.com/ui/v1/button/ Frame 1A1F 275 B
297 B 24ms
9ms Image
image/png 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.gstatic.com/ui/v1/button/search-white.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 19:41:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 235763
vary: Origin
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
expires: Sun, 01 May 2022 19:41:30 GMT

POST
H2 200 log Show response
play.google.com/ Frame 1A1F 131 B
289 B 46ms
46ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 04 May 2021 13:10:54 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 04 May 2021 13:10:54 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/ Frame 1A1F 0
437 B 153ms
152ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-1hVWR0CDohXaPSZLz3O9Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000&slide=id.ga5870a3403_0_0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:54 GMT
server: GSE
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-1hVWR0CDohXaPSZLz3O9Ww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log Show response
play.google.com/ Frame 1A1F 131 B
289 B 48ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://docs.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 04 May 2021 13:10:57 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://docs.google.com
cache-control: private
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Tue, 04 May 2021 13:10:57 GMT

POST
H2 204 naLogImpressions Show response
docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/ Frame 1A1F 0
438 B 208ms
208ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: docs.google.com
URL: https://docs.google.com/static/presentation/client/js/2899871283-viewer_core__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-LvFJQBOdtr/Kqd1a1fv+lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain: 1
Referer: https://docs.google.com/presentation/d/e/2PACX-1vQW7oK4VW3TPfbE4ts0RRa6OIRVo4iNcGFBrC6WnnesDJ_hBcLPkkbd7kuYnVnRlrSRXeWBshn3O4hj/embed?start=false&loop=false&delayms=3000&slide=id.ga5870a3403_0_0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:10:57 GMT
server: GSE
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: base-uri 'self';object-src 'self' blob:;report-uri https://docs.google.com/presentation/cspreport;script-src 'report-sample' 'nonce-LvFJQBOdtr/Kqd1a1fv+lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 39ms
19ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210429&st=env

Requested by

Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/performance-0add3f16b92e7b8855b50-min.en-US.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114537a8b8a17382a1326abdf01ce79b446020156f3ec313f22761d1e7bf783c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 04 May 2021 13:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7582
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 13:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 04 May 2021 13:11:13 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3C2C 12 KB
5 KB 16ms
10ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.onechancemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.onechancemedia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 04 May 2021 12:14:45 GMT
expires: Wed, 04 May 2022 12:14:45 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3388
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C2C 14 KB
6 KB 25ms
4ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WoE6FlxLfDckfFPcighdBxIW8EHvlo7fGH3q-u1F8Es.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 12:56:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 12:48:00 GMT
server: sffe
age: 896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5711
x-xss-protection: 0
expires: Wed, 04 May 2022 12:56:17 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
51ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210429&jk=889551179412946&bg=!m5ilmNzNAAYXzPaOF8w7ACkAdvg8WseqImCFKraSpU-c3Fg_9B5fPowhIzw8p8lFjRQ3XEsXJSDsawIAAAG8UgAAABJoAQcKAQyFUNV3jI1IuT719nGS6nn8L8Fe-QSGoJYQ3N7Jhn4b3Du-ZHycwFTO8WfoYjFyIGDHat4I2VeWHziJwy4TSLgpqY6djkPuwHPjV6zpmvxNwFbmcBYdQsx6cm6yq0Giekqpw06LY2OnPWau9DhKeJiLEE2eQqF2mtPea5_5thia40N9mF3KMJ7jyVifO2e7_pWyhXrRegXrfgp2BZ0TZWu1R1pOqX2hUiw83eKSEXx253feXLWOQc6zoX5QQ7J8hUCH66yhdMPMyZd2oErb14IPzbHXNONAnUu06k_HSOuJXvtXcpwnVDoIBsPfi0NbWq3l5ooFrEBnrKuF8ryY11vZorX4u0eK9AX3ykvimQJHEt8XSNFXcOO9Ov9qYVB7Zm_d1oR6MpSc8PsfynMvc3o3lU8HYLI4Yey5dieeLG2HQp-o9ADINxEgYjeT1HTs7MIIM4XX61IRAFvC8bUaN8bfiDvi5DVEoSRGd_MIFOxuu7ftc6v2JdZBiYiJEXrZqoU_mhurCtiYd4qfMP4m960zb09CtaDPPXp60Qe8s3zvpHRuFcGBYQDQDRtyBsoNhN7UEq8X69bwdoeP5UYZhDBbIMOGFAUtju3ia_djxkCm1GJVxVreXsWH5ydErobv8zwYTMokeeTNEM7hdqwTYOj6PAi8wzuKiAwV0Fu4eH0ZTvrFdoc8tlIFzmrXkSgnZRwg_UY5oJmN7hcZB6Q6uwjGs_yKkUkeEPDSKDItQ_K4SeU19pFr2p54v_WjS2WLtvTUm6f_NSKbxJxk6TxLTtDn3e_Pwur4bC11FEBdcPxP5XewPDXbIj2mIhnPApqSpHyCcL7qlZZpThWJ9sYZumPeIfUe5bKa8LnDeIA5Qf1AEKX7FvVPZ4AzsKygnnovmRc75VOVGObFUqWLZDgghfkDisyTG6H3bdz9crpNwIOmHXvQcP-1eaA1ucfM4c_TNshzMMIMCmy1lsayWa73wZazW8LAF9RCd4k_VlNrA-AzT5oQna8yLBFtR-IJdmHzzqo6saq0Wt6eQVjKQXwwgvoJxKgzxqrRNP0HX7yxfypecYN4C8gBdlNcbi3B0xcsgxgv5-Y_YQuZGWEfQwMtf1bxwlPeSuOnKfmYdeUVvOL88hhF_IuhLA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.onechancemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 04 May 2021 13:11:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-moment_js_vendor
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-cldr_resource_pack
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors_stable
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-common_vendors
console-api	warning	URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-db6e1a9e95959c0432ba5-min.en-US.js(Line 1) Message: yui: NOT loaded: squarespace-performance
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Multiple pixels with conflicting versions were detected on this page.
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 166454350677681.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=43200
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
assets.squarespace.com
bat.bing.com
cdn.callrail.com
connect.facebook.net
docs.google.com
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
images.squarespace-cdn.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
p.typekit.net
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
secure.text6film.com
snap.licdn.com
ssl.gstatic.com
static.hotjar.com
static1.squarespace.com
stats.g.doubleclick.net
tpc.googlesyndication.com
uploader.squarewebsites.org
use.typekit.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.onechancemedia.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.111.240.195
108.174.10.14
142.250.186.34
151.101.112.237
151.101.112.238
172.217.23.98
198.49.23.144
2606:4700:20::681a:1a2
2620:119:50e3:101::6cae:b45
2620:1ec:22::14
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c04::9c
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
51.140.39.77
52.55.38.21
65.9.84.2
65.9.84.55
65.9.84.96
04d5b63a6ef1294bd36c36af58c01ff21cfcd39948d0cd3149718a9cabeebed7
0a9a7f15b42f21237866a2c48d162462dc130117e24f0e24faed1a8c8133a88e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114537a8b8a17382a1326abdf01ce79b446020156f3ec313f22761d1e7bf783c
115d1b7feef2c0443e6006087afd3e751365154d033f08a9b034f8e6c767b9bd
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
189bf0d13188ef6d739ca5e596bc229cf2c3818b489fae40126e99284e4990cf
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d75fcf9c777174f1245b30ed95b56d566213925377acd82698e4eb45ad43a2b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1add72cb97edb70fc41f0b41b5e8a19a722bda2e67cdb4b37fadc047127294
3183481f09352eade87e53d32ac3c1f6ab5b853e2b5bde4035834680b53d9299
31dd4fcf31de04b22c63abd03174bfd90d227a5f734455ace73f919aec36c5d3
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
4a76a6b70e49f7c5a4a7857635706661cdbd51a771eebde00720b9331879f4d6
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51cc1f0972be78ac52d10068a8ff6cda181704dadaa46030050dae0bf48a028f
52a6e95f69dc8aaadcac964b2f94e553df53f5ef07d5bea28c29d955dc1619ce
54a7520fbc9c80ac9cf378f3b283542c97d2992bd050cf6610d1228baebed619
558be0f464610f22b91f19f0bc2d3e8dc40a7f8255a6fff284cf3010454f3cee
5a813a165c4b7c37247c53dc8a085d071216f041ef968edf187deafaed45f04b
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5bfc2a9ca22320bf23822c5c5a95a29c85fc1dc325cd727e1893924cd352b4e4
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
644424ae8313bebeafe6c00fd2adbf60484b4b30200fa0ac94ada093ba0abc87
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6957cfaf128338c6e447e2ba0e9c5dc9b17cfb49e515eda3c077d3dc67d566b6
7d1dbb9461d9559bd710cca12db8233b6be1df2a3e51efefab36aaf71adc66af
7d7c1cd1a26f46c443072081453557ae1d820488d1417bbd6184b4e55dc114f3
7e289bca7e9cde2462f34afaccd9fbf0c37457d328f38a074ef05bb0ebdbb8fa
83b4d6790a610992a2b03c0246dfae63a9e210a2c2c3d2c568d6dc34f9333c1c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86af2f2995b2ff5186ed018e5f52db32b2207a46b6abec40a7695d28786146e2
8c77794b795c43cb1944f06f8b8e834eb00a6088e5e3f0cd41b13c789105bb76
8d1537b3232dad30ef640961ceea25dedaf5bce276b2798446c87100caee9b1b
8efe3e24fbff7b370d1d24175f1de783017859e0fe80d2e0f08e22b8e1c0c08a
90e834fbee2f424b7b0775b17342e0048e6c71eafcbaf71a4f5eb90045305a9a
91d05368279ec33c829a27b05b24dd96cb1c9a114c9ce915673bea3a0eac67d1
925818e35ed0851fba7408d7c438c261edbc941e343349d32aa07d25b2a3b653
92f4c853c533e4f30c8208bfccee564b78202886e58e0e5095866fd11980243e
94442ab42e60dd5c6c276c1777c56fc3f9dff44e999524ca6431af82a9bff9af
953ced88ce388f9fcf252782653ead28b1963daaed31da4c300eb7dfaa8141c9
955459d5f1ff17aa1cca7fcc0f7243b8a96fcd53f306958f9dc6edff93f894ee
99155f31d46dc469aa872ce824309fae9210fb9357f463b889d617b85b35eb61
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c258d019c21c2d92d7cc4527d22884c38da183ba158dc984183acdc48b3917f
9cd34d28c16f84b5992d5dfa633934d20560ff2f8d05ac9df4649d2180520f99
9ee60cd4ad1d204f283cfe1b35f867922baed1a1862ad242b7db6f785e726f02
9f555b1c1551c693503713c84fcafc3d70b24ec3b1a448f9263dd854ae47503f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
b075d83226649112a3bada043b1b77808d5c49947c118e30dd1171160737c519
b2409f1fa5cdbff7dc71ca2fb0b7dd034aec29f38642c418f97bccf18bf3f71e
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb5824e55fb08d11d1bbcc144d776acc19dddf21298c684ff143c1b0cfd046af
bbb4eb0d71ed047255ad98b64ced9d5774773f06d9ad9cf665034b85211636e8
be2ec10abf59c11e5f8ec950a3f93e63a19d63034fa64c7d53610bbe48ea5461
be4a623e2b77e3c1a6872ace915160b7e981783a9ca792a462a80cb86a6c81a6
bef77036fe6afb645507d636891444dbc574ee6602282f06287420d9fc459933
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
c04b9e8e0ad9da457c6eb1e6ca38fb25f6bffff24bce1109d57562574e60c9ef
c322060c87967c74e8e1469862cab247ad7aa0c66e35918333904a125edcf3b3
c4529bb647d07fbc3a858bd39fe0aff051dd7b5ccba99c7cea5a307fdd7f4241
c5a2471bfe92789640ea086b7d2cc4b8f5cfb36f158716600d576e349708411c
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca9392001e729d3ebe6add414a9002e3804b4b1ba6ff0aab1af3b6df9d98fde7
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd9ab925111e704441b78d0494b756f87b711aacf305c3feccff172995c1468e
d09319c959d08d7c349dd964326333a08e281658983b5a784a12ac1962db44f4
d77b7617cae35b7e354ca4a3be0f007fa19cb721a8013686a15707706065cfe3
d931393ae1a1c0b3d4126858ea4a15442f1e094f07420283272902e1a878c0cc
da225fc26f5a52f4e104fdd89aecc83e8bcafe8ee6429d914fb89db24a36eeea
dc8ea772208428889ace16e338938b317f016b1dce4d6ee37109a8e5716b70e7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
ded1e2af9a5d3937cc8d26fbb6d0212702f611ca62607c4eb3e7b4dc3b196d9f
e14a8aa4465d131496f06766808c441356f702c3719ef029376bfcbf2aecb336
e211dee64181ff246d2059c6f752ab9a4bfccb4b30cc22376190ff2f00896e3d
e312bf5380a289506c7c2c42abc08772cf2059dfa16ab8e6b082f433c49cb1e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50086e9c39174ee3e70607cae7664b033e24c114034eb8d8e5756bcb5c9dd39
e5ada096d6d39bc58dd1a911c3df704bb11980ed6a89d2d1ac32987b8cca90d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c13cac3350e374e58473008eb3b9f5eac88eae17cbe88c0804e797072e99b2
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f6c0ed253bd5e41383768fa400538ca7bbe31db5d1cfb93fb3729e0f161cdb44
f6dc7fe9b246072544eb49eff135d606c4682ada4b434bc85af556a7fdffdddb
f96ceb0b2fedc45fd82e2765edf236d976259f8e5df897128af7439d198b3870

www.onechancemedia.com Open in urlscan Pro 198.49.23.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

108 Requests

99 %HTTPS

69 %IPv6

25 Domains

42 Subdomains

38 IPs

4 Countries

37149 kBTransfer

46529 kBSize

0 Cookies

2 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onechancemedia.com Open in urlscan Pro
198.49.23.144 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

99 %
HTTPS

69 %
IPv6

25
Domains

42
Subdomains

38
IPs

4
Countries

37149 kB
Transfer

46529 kB
Size

0
Cookies

108 HTTP transactions
0 data transactions