www.identitytheory.com Open in urlscan Pro
72.47.224.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.identitytheory.com/
Submission: On November 24 via automatic, source certstream-suspicious (November 24th 2021, 7:05:43 pm UTC) — Scanned from DE

Summary HTTP 48 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 12 domains to perform 48 HTTP transactions. The main IP is 72.47.224.153, located in United States and belongs to MEDIATEMPLE, US. The main domain is www.identitytheory.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 7th 2021. Valid for: a year.

This is the only time www.identitytheory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	72.47.224.153 72.47.224.153	31815 (MEDIATEMPLE) (MEDIATEMPLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1c9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:ee00:3:e0f8:540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
48	15

10 72.47.224.153 (United States)

ASN31815 (MEDIATEMPLE, US)
PTR: agaacqmgka.c03.gridserver.com

www.identitytheory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1c9 (United States)

ASN13335 (CLOUDFLARENET, US)

identitytheory.substack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:ee00:3:e0f8:540:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.substack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	284 KB
10	identitytheory.com www.identitytheory.com	787 KB
6	doubleclick.net googleads.g.doubleclick.net	34 KB
6	substack.com identitytheory.substack.com cdn.substack.com	434 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	addtoany.com static.addtoany.com	26 KB
1	googletagservices.com www.googletagservices.com	37 KB
1	sentry-cdn.com js.sentry-cdn.com	1 KB
1	google.de adservice.google.de	792 B
1	googleadservices.com partner.googleadservices.com	642 B
1	googletagmanager.com www.googletagmanager.com	36 KB
48	12

	Domain	Requested by
10	www.identitytheory.com	www.identitytheory.com
8	pagead2.googlesyndication.com	www.identitytheory.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cdn.substack.com	identitytheory.substack.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	identitytheory.substack.com	www.identitytheory.com identitytheory.substack.com
2	static.addtoany.com	www.identitytheory.com static.addtoany.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	js.sentry-cdn.com	identitytheory.substack.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	www.identitytheory.com
48	15

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.instagram.com
identitytheory.substack.com
www.facebook.com

Subject Issuer	Validity	Valid
*.gridserver.com Go Daddy Secure Certificate Authority - G2	`2021-01-07` - `2022-02-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
substack.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.identitytheory.com/
Frame ID: 0C85B954D6E1CE0DAE40D79A2CB4FCC6
Requests: 22 HTTP requests in this frame

Frame: https://identitytheory.substack.com/embed
Frame ID: 7B76FAE9A89E20985CA9E00575AC1E82
Requests: 7 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 73F5CD7634C0E114DAD631328D5CBC17
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: 7B8DD4D7ACE931ED681DF6666B99C45F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&adk=1812271804&adf=3025194257&lmt=1637780737&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.identitytheory.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737421&bpp=3&bdt=596&idt=84&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=760035919882&frm=20&pv=2&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101
Frame ID: 574DF567E586F9FED71EFBD0C8CC3332
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&h=600&slotname=1799275321&adk=116873284&adf=1804835062&pi=t.ma~as.1799275321&w=288&fwrn=4&fwrnh=100&lmt=1637780737&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.identitytheory.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737424&bpp=3&bdt=599&idt=103&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=760035919882&frm=20&pv=1&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1092&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DOR2NpU4m7&p=https%3A//www.identitytheory.com&dtd=107
Frame ID: 693AF5BE9F8BBC3DB9FA1B6E2CFA008A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BF6DF0A9FB032D46A62B1D864C8CA8A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js
Frame ID: ACCC18AF71853126986ACD12AFC8D974
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A8C30552F06AC9DA80CE547ACAE5A5C2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE0767C15F0645574178AFD4E9A80664
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identity Theory: A Literary Website - Fiction, Interviews, Essays

Page Statistics

48
Requests

79 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1662 kB
Transfer

3723 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/IdentityTheory

Search URL Search Domain Scan URL

URL: https://www.instagram.com/identitytheorymag/

Search URL Search Domain Scan URL

URL: https://identitytheory.substack.com/
Title: newsletter on Substack

Search URL Search Domain Scan URL

URL: https://www.facebook.com/identitytheory

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

48 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.identitytheory.com/ 90 KB
13 KB 1566ms
1254ms Document
text/html 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 / PHP/7.3.11
Resource Hash: 0ce2a532f1602d182dcf0397c670d09e57ca37751a01b63103e58627235a7bb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.16.1
date: Wed, 24 Nov 2021 19:05:36 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.11
link: <https://www.identitytheory.com/wp-json/>; rel="https://api.w.org/"
x-mod-pagespeed: 1.13.35.2-0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
cache-control: max-age=0, no-cache, s-maxage=10

GET
H2 200 wpo-minify-header-361d436f.min.css
www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/ 156 KB
23 KB 166ms
165ms Stylesheet
text/css 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/wpo-minify-header-361d436f.min.css
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: f02289a83a78e25e473f24c39a6d9ac2b78fd86e7db1ae515619307bbe9cb296

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:36 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 18:38:14 GMT
server: nginx/1.16.1
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: s-maxage=10
accept-ranges: none
content-length: 23663

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 55ms
38ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.identitytheory.com
URL: https://www.identitytheory.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbdbf1dd472c6ee81a9f63ab83f0ad5578277a97a515accea566f136a15ecc49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:36 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 135198
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Nov 2021 02:24:48 GMT
server: cloudflare
etag: W/"11f0f-5d0f2befec061"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6b34e8e55faf68f5-FRA
cf-bgj: minify

GET
H2 200 wpo-minify-header-bb4312ee.min.js Show response
www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/ 98 KB
34 KB 315ms
315ms Script
application/javascript 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/wpo-minify-header-bb4312ee.min.js
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: fb0609979c7d34c9cc8d288346e0107c4ea164eaf62754ba82305d12c6a7d8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:36 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 18:33:56 GMT
server: nginx/1.16.1
etag: "189f3-5d18d19c3e629-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 34335

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 57ms
36ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-1236937-1

Requested by

Host: www.identitytheory.com
URL: https://www.identitytheory.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e0e1cc1033e06373b849dceba1ecd81a7f49cb8ce93e03efd367f869a1da6b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36140
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 19:05:37 GMT

GET
H2 200 cropped-idt-logo-try-179x107.png
www.identitytheory.com/wp-content/uploads/2021/07/ 11 KB
11 KB 156ms
156ms Image
image/png 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/07/cropped-idt-logo-try-179x107.png
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: 0ff97ed05e007c08172990e1c8a51d29ebd0dc701d4c1b2f8eb8853a2516bb05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Mon, 11 Oct 2021 20:42:54 GMT
server: nginx/1.16.1
etag: "2d1f-5ce19c5fe8ab2"
content-type: image/png
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 11551

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5673299285220883

Requested by

Host: www.identitytheory.com
URL: https://www.identitytheory.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aed7a1805ecc2c10abdbecf7438129d56c862f8739b0bbf7a521c84cb740e7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.identitytheory.com/
Origin: https://www.identitytheory.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51183
x-xss-protection: 0
server: cafe
etag: 6152582017489322397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 19:05:37 GMT

GET
H2 200 wpo-minify-footer-62480877.min.js Show response
www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/ 17 KB
5 KB 165ms
165ms Script
application/javascript 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.identitytheory.com/wp-content/cache/wpo-minify/1637778827/assets/wpo-minify-footer-62480877.min.js
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: 015475a7b5df35448c9d13cbe1c846e957226ec0649313deebb8eaeb87b427c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 18:33:59 GMT
server: nginx/1.16.1
etag: "43fa-5d18d19f9c730-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 4435

GET
H2 200 aerial-root-triangle-cleopold73-1024x678.jpg
www.identitytheory.com/wp-content/uploads/2021/11/ 137 KB
137 KB 157ms
156ms Image
image/jpeg 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/11/aerial-root-triangle-cleopold73-1024x678.jpg
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: 99a743f00298ab590801378525381d09e4c35cbff29018f62ef46ef86d31232e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Thu, 18 Nov 2021 18:37:54 GMT
server: nginx/1.16.1
etag: "2231e-5d11474ed5a04"
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 140062

GET
H2 200 Author-Ethel-Rohan-Photo-Credit-Justin-Yee-scaled-e1637163884571-1024x957.jpg
www.identitytheory.com/wp-content/uploads/2021/11/ 96 KB
96 KB 307ms
307ms Image
image/jpeg 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/11/Author-Ethel-Rohan-Photo-Credit-Justin-Yee-scaled-e1637163884571-1024x957.jpg
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: c9d2fd8824014e0f3ea5ca0e65a3d1a1dfd6faf89cbc02b514e51101937e7404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Wed, 17 Nov 2021 15:44:45 GMT
server: nginx/1.16.1
etag: "17ea7-5d0fdebd486d8"
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 97959

GET
H2 200 captioning-archives-sloan-e1637099973622-1024x773.jpg
www.identitytheory.com/wp-content/uploads/2021/11/ 90 KB
90 KB 307ms
306ms Image
image/jpeg 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/11/captioning-archives-sloan-e1637099973622-1024x773.jpg
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: 831935e8aa4bba4d4eff511afba7f8e81b5db713ce886b2ec2ba36fc31f3f6b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Tue, 16 Nov 2021 21:59:34 GMT
server: nginx/1.16.1
etag: "166c0-5d0ef0a6c689f"
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 91840

GET
H2 200 band-of-brothers.jpg
www.identitytheory.com/wp-content/uploads/2021/11/ 161 KB
162 KB 307ms
307ms Image
image/jpeg 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/11/band-of-brothers.jpg
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: dfc709f6908b7c9b6a383dc9661c1b04fb8e3de54899a4870ad5a039c130256b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Wed, 10 Nov 2021 19:50:45 GMT
server: nginx/1.16.1
etag: "285b7-5d0748ab18a27"
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 165303

GET
H2 200 o-beautiful-jung-yun-e1636489760394-1024x861.jpg
www.identitytheory.com/wp-content/uploads/2021/11/ 215 KB
216 KB 307ms
307ms Image
image/jpeg 72.47.224.153
MEDIATEMPLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.identitytheory.com/wp-content/uploads/2021/11/o-beautiful-jung-yun-e1636489760394-1024x861.jpg
Requested by: Host: www.identitytheory.com
URL: https://www.identitytheory.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.47.224.153 , United States, ASN31815 (MEDIATEMPLE, US),
Reverse DNS: agaacqmgka.c03.gridserver.com
Software: nginx/1.16.1 /
Resource Hash: 3e8862b1c26d998749060c3538c2dd9ec7014c57a1ce80a909960c0a34572dee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
last-modified: Tue, 09 Nov 2021 20:29:20 GMT
server: nginx/1.16.1
etag: "35c3b-5d060f6dbef71"
content-type: image/jpeg
cache-control: s-maxage=10
accept-ranges: bytes
content-length: 220219

GET
H2 200 embed Show response
identitytheory.substack.com/ Frame 7B76 23 KB
6 KB 593ms
545ms Document
text/html 2606:4700::6812:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://identitytheory.substack.com/embed

Requested by

Host: www.identitytheory.com
URL: https://www.identitytheory.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b7d68e21a7402d46ccf13e03c40ddd3b992cd60d73cc7df34cd880a8e51c55b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-type: text/html; charset=utf-8
cf-ray: 6b34e8e8e8bc05e9-FRA
cache-control: no-cache
etag: W/"5aa4-FORHFAwaDiXYHFRm3uS3oNcgj9A"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 vegur
cf-cache-status: EXPIRED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cluster: substack
x-powered-by: Express
x-served-by: Substack
server: cloudflare
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 73F5 741 B
577 B 27ms
26ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e2s
cf-cache-status: HIT
age: 579387
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6b34e8e8c9cd68f5-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/ 270 KB
97 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5673299285220883&plah=www.identitytheory.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5673299285220883

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89d344b35209b4b022b6766d8a950255d67fdf2152b3ebda127234ede522a75a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99572
x-xss-protection: 0
server: cafe
etag: 16079490777135290806
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 19:05:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame 7B8D 11 KB
5 KB 35ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5673299285220883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 24 Nov 2021 06:55:30 GMT
expires: Wed, 08 Dec 2021 06:55:30 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 43807
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-1236937-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5434
date: Wed, 24 Nov 2021 17:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Nov 2021 19:35:03 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
642 B 54ms
15ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.identitytheory.com&callback=_gfp_s_&client=ca-pub-5673299285220883

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111110101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5673299285220883&plah=www.identitytheory.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f31a7d2337a3e2f5d9eaa6ed36a4ee2b1bfaa41785c0b8322b1b636195d2dc25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 57ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.identitytheory.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.identitytheory.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 574D 0
19 B 124ms
110ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&adk=1812271804&adf=3025194257&lmt=1637780737&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.identitytheory.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737421&bpp=3&bdt=596&idt=84&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=760035919882&frm=20&pv=2&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=101

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 19:05:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:05:37 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 693A 73 KB
28 KB 684ms
679ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&h=600&slotname=1799275321&adk=116873284&adf=1804835062&pi=t.ma~as.1799275321&w=288&fwrn=4&fwrnh=100&lmt=1637780737&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.identitytheory.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737424&bpp=3&bdt=599&idt=103&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=760035919882&frm=20&pv=1&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1092&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DOR2NpU4m7&p=https%3A//www.identitytheory.com&dtd=107

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b874b9bbce2585ad50ad2785944016bba223acea7af2c119859ff46eb7e0d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 19:05:38 GMT
server: cafe
content-length: 28958
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:05:38 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=320764897&t=pageview&_s=1&dl=https%3A%2F%2Fwww.identitytheory.com%2F&ul=en-us&de=UTF-8&dt=Identity%20Theory%3A%20A%20Literary%20Website%20-%20Fiction%2C%20Interviews%2C%20Essays&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=2028015876&gjid=827834340&cid=1792488379.1637780738&tid=UA-1236937-1&_gid=158720708.1637780738&_r=1&gtm=2ouba1&z=414973619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.identitytheory.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:05:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.identitytheory.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.css
cdn.substack.com/theme/ Frame 7B76 393 KB
51 KB 49ms
8ms Stylesheet
text/css 2600:9000:2156:ee00:3:e0f8:540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.substack.com/theme/main.css?v=d394026a0e52c3ae1862473847204e05

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ee00:3:e0f8:540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

ab55eb48d5f551d97924050171edd273262c8d355651f6eb2c6438935c006e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identitytheory.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-cluster: substack
etag: W/"62556-HShoxGm8NPMedPI5dw/jCpxnJug"
age: 1281
x-powered-by: Express
x-cache: Hit from cloudfront
content-encoding: gzip
x-served-by: Substack
server: Cowboy
date: Wed, 24 Nov 2021 18:44:17 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 vegur, 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YK9_-S5QcnnEi1ZYS7SJ1OHybXLnYtx28ZOZKmFMRPtsJ-hocJOWeQ==

GET
H2 200 https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.black.png
cdn.substack.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/ Frame 7B76 1 KB
2 KB 55ms
14ms Image
image/png 2600:9000:2156:ee00:3:e0f8:540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.substack.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.black.png

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ee00:3:e0f8:540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d4c4434e72f63c8b879b2784258d21478cd7bbe62b317c11a85172410c95ccb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identitytheory.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 09:09:40 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 25091758
x-cache: Hit from cloudfront
server-timing: fastly;dur=1;cpu=0;start=2021-02-07T09:09:40.712Z;desc=hit,rtt;dur=0
content-length: 1523
last-modified: Sat, 15 Aug 2020 00:13:50 GMT
server: Cloudinary
etag: "f0153c0cfa8fa1abc6efa5da08ac07c6"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Aq0WyVIAFGJ6ocrxOktCLRg5cRjrFpwa3rrpVf-hrb_w-yhvUv1oVA==

GET
H2 200 c41771aeccbb43fbbffbc4755e65c9be.min.js Show response
js.sentry-cdn.com/ Frame 7B76 2 KB
1 KB 24ms
7ms Script
text/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9fb357b1109a2c634411c29dd580489fe7a916d19d62a8a6a9faa2673e176862

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://identitytheory.substack.com/
Origin: https://identitytheory.substack.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
x-envoy-upstream-service-time: 11
vary: Accept-Encoding
content-length: 1019
x-xss-protection: 1; mode=block
x-served-by: getsentry-web-default-production-57ff5ddb5d-7qb48, cache-ord1721-ORD, cache-fra19134-FRA
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
x-envoy-attempt-count: 1
accept-ranges: bytes

GET
H2 200 main.bundle.js Show response
cdn.substack.com/min/ Frame 7B76 1 MB
372 KB 53ms
14ms Script
application/javascript 2600:9000:2156:ee00:3:e0f8:540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.substack.com/min/main.bundle.js?v=123bdc-17d53343c40

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ee00:3:e0f8:540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

420456792d1af932ac7051aa1e5524cf5d985eddc6fdc5141886836561d8a17b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identitytheory.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-cluster: substack
etag: W/"123bdc-17d53343c40"
age: 1281
x-powered-by: Express
x-cache: Hit from cloudfront
content-encoding: gzip
x-served-by: Substack
last-modified: Wed, 24 Nov 2021 18:27:52 GMT
server: Cowboy
date: Wed, 24 Nov 2021 18:44:16 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 vegur, 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GviaZRBnxYom9ylkvD4R8TnxO01UruEWKa7ggBYbQc-pXHf0IZnLQQ==

GET
H3 200 firehose
identitytheory.substack.com/api/v1/ Frame 7B76 35 B
676 B 218ms
201ms Image
image/gif 2606:4700::6812:1c9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://identitytheory.substack.com/api/v1/firehose?_=1637780738518&d=eyJldmVudCI6InBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoiMWl0ZWp0ZzhxNWgifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsInBhZ2UiOnsicmVmZXJyZXIiOiJodHRwczovL3d3dy5pZGVudGl0eXRoZW9yeS5jb20vIiwidGl0bGUiOiJTdXBlciBJZGVudGl0eSBUaGVvcnkgU3Vic3RhY2sgUGFydHkgfCBNYXR0IEJvcm9uZHkgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vaWRlbnRpdHl0aGVvcnkuc3Vic3RhY2suY29tL2VtYmVkIn19fQ%3D%3D

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identitytheory.substack.com/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:38 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
x-cluster: substack
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache
strict-transport-security: max-age=31536000
cf-ray: 6b34e8f0386a690f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35
x-served-by: Substack

GET
H2 200 https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.png
cdn.substack.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/ Frame 7B76 1 KB
2 KB 8ms
7ms Image
image/png 2600:9000:2156:ee00:3:e0f8:540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.substack.com/image/fetch/w_200,c_limit,f_auto,q_auto:good,fl_progressive:steep/https%3A%2F%2Fsubstack.com%2Fimg%2Fsubstack_wordmark.png

Requested by

Host: identitytheory.substack.com
URL: https://identitytheory.substack.com/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ee00:3:e0f8:540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e102e20a84a0c66e65f52ed969417ec7d0069c66507bca0380e35da58448bf92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://identitytheory.substack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 03:13:15 GMT
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 25458743
x-cache: Hit from cloudfront
server-timing: fastly;dur=1;cpu=0;start=2021-02-03T03:13:15.877Z;desc=hit,rtt;dur=0
content-length: 1527
last-modified: Sat, 15 Aug 2020 00:13:54 GMT
server: Cloudinary
etag: "1dbdd8872d7a515f07581f47bf94834c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 6RssbjFz18S4oh68Kl9kFIw3xxduhPwJRVDKGi5OCEouEmcvhG8-2A==

GET
H2 200 6236037230911508455
tpc.googlesyndication.com/daca_images/simgad/ Frame 693A 62 KB
63 KB 45ms
16ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/6236037230911508455

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&h=600&slotname=1799275321&adk=116873284&adf=1804835062&pi=t.ma~as.1799275321&w=288&fwrn=4&fwrnh=100&lmt=1637780737&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.identitytheory.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737424&bpp=3&bdt=599&idt=103&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=760035919882&frm=20&pv=1&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1092&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DOR2NpU4m7&p=https%3A//www.identitytheory.com&dtd=107

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0862fb0e02d637f2efc1e78a79d6facf648830eedf701bce02c1c3f87d77f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:52:41 GMT
x-content-type-options: nosniff
age: 11577
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63908
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 23:36:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 15:52:41 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 693A 19 KB
8 KB 37ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 18:57:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 693A 2 KB
1 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 19:03:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 693A 119 KB
37 KB 79ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 19:05:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 693A 15 KB
6 KB 33ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 500
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 18:57:18 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 693A 27 KB
11 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7011
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0
server: cafe
etag: 10656063359522146397
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 17:08:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 693A 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_kZmAY2eYYvXIpWHlgSfya_oAd3bothmyKLrnKUOv-EeEAEgpeD6AWCV-vCBjAegAZuI0Z8DyAECqQIlrw1sP8iyPqgDAcgDyQSqBNsBT9AYnLIMnBYCIP5Jg4s55-aAS7RUDVaUD6KMf3jpzzVXOywIdBQltM9nTIzUNvQdvRHO81bY2PYsI3dOMnFOh2vnDEI5SO6xPYK9O-vdjM1jFZDSsUwqnZePAto4UnvfaUiFlugQbqe1PXNlmODQj-I0Vymb_038sxo64OMgCuMZAYFsjBCF-DqV3WgTQBSXZZbCnqXY00nL36CQptI0nT4gPXg3tfGX4IxdmaOvRmz9h3K1ZQYJ7obcwNP3yPVSjh-ULLzVUyXlIY3c3vOfRvvQuSeJ9YAkW9nswATcksGr2AOSBQQIBBgBkgUECAUYBKAGAoAHzfeuYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEO69VdIICQiA4YAQEAEYX4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NjczMjk5Mjg1MjIwODgzGAA&sigh=2fI5XjLS9FU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&h=600&slotname=1799275321&adk=116873284&adf=1804835062&pi=t.ma~as.1799275321&w=288&fwrn=4&fwrnh=100&lmt=1637780737&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.identitytheory.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737424&bpp=3&bdt=599&idt=103&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=760035919882&frm=20&pv=1&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1092&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DOR2NpU4m7&p=https%3A//www.identitytheory.com&dtd=107
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 24 Nov 2021 19:05:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 24 Nov 2021 19:05:38 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF6D 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5673299285220883&output=html&h=600&slotname=1799275321&adk=116873284&adf=1804835062&pi=t.ma~as.1799275321&w=288&fwrn=4&fwrnh=100&lmt=1637780737&rafmt=1&psa=0&format=288x600&url=https%3A%2F%2Fwww.identitytheory.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637780737424&bpp=3&bdt=599&idt=103&shv=r20211111&mjsv=m202111110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=760035919882&frm=20&pv=1&ga_vid=1792488379.1637780738&ga_sid=1637780738&ga_hid=320764897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1092&ady=728&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063735&oid=2&pvsid=1543798415257239&pem=272&tmod=1395312601&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=DOR2NpU4m7&p=https%3A//www.identitytheory.com&dtd=107

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Nov 2021 19:02:16 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BF6D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

71ms
71ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 19:05:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 19:05:38 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 19:05:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 693A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08e1a1804653a40807b052a402a6cb306e4a6d69e6873c6f8b001ad9b9672213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 44ms
29ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211111&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cab4c9d75157e94f60c58064c7cb98e546fdeb12073c199f43b1f133c76fffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 19:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9368
x-xss-protection: 0

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame ACCC 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 13:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 13:27:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 24 Nov 2021 19:05:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A8C3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 24 Nov 2021 17:25:08 GMT
expires: Thu, 24 Nov 2022 17:25:08 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BE07 783 B
534 B 33ms
17ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

89ccc81f8505be67f399224caed44a9d59ffb68ccc3cba002dbba94eefc8ed08

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uvgFr9P9nuZa2ksVRS3Rng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 24 Nov 2021 19:05:39 GMT
date: Wed, 24 Nov 2021 19:05:39 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uvgFr9P9nuZa2ksVRS3Rng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js Show response
pagead2.googlesyndication.com/bg/ Frame A8C3 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/W74_wbIuhH6bObXj0uCjode8PwiBrxgOKnAqo6ShAmY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 13:27:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13296
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 13:27:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BE07 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211111&jk=1543798415257239&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211111&jk=1543798415257239&bg=!Pj2lPXnNAAZQLpa_UC47ACkAdvg8Wqeb5-LERp-OrNCGDX88F0UsxOFQxMmV-lrtzbTHelS2r92GIwIAAABTUgAAAAloAQcKAAfl-_ogBfukmQJ_5HwdiUwPhvZkEtdOFbjo-ilIH_AhDikbgTnGil2HWRGt7shDWQfAyyXqRBZCM7l25edzSok1Ls_Z8Tg4loP4DLwBqW8D-eWvp0Eunb2MNrrwOIEB6MUjpW2dOH7CmyQsY8w77Uz-xsozpabPa9np6apIuZmetQW1rLOO1MaCjzuFYZEX1YTWPHJIe2hPD7O-VI9suCjh1aQyA2FIagFIGzxuVjxQPPzqCTKo7axvSVX8CzHejYjzl_whDkFx0KPuxfAVzEX-xF9tZZ1k3SmIspYtaJICcMTtHn9M-rbUK0yPSXcPfoajzcoor5HPLclt1Bsaehg8Qk1rDgtiWhFIR2Ba5vRO8BSLlStZZX8atzY4khTeQ3TBOl7VVM5fw-oyZvzCvJx4cxr1eMziNlpP8pzBZKoITocl-qWbs3KkSDQWlyV6L1zoB1K0MEgGOMG7mBHOuBstIyC4RRHPCCEr-34v_lZAra2Sd9PGyMSwwrk-Rw064aK0O5UbwqytOmYaUlNheuZIUUaFWzVllxRYNFC810o8Ryky6_PQWdWV9Ztck6Ymz_t4deub3EQCypYk2A9g3NHTgHytNe2gJpDhIbgb6k6NgG7yPp6vv0VAD7lQf-wdT-0-LyXgP1FpKOo5dgD4z5VwcYTMPhnjoup7lvd3RFHM1rSlw8f180IiC2JXulgvtbS9n2NZJo7rG_dA0Ml05WmSCc0rMBxHyWlsMWkKDhfQG8JfMc91poO3RZNnRwctOII3EV5rDEfX0B3WNv_1tFt6_OwU3j8Rokuy_eFcBHW1AYLzP8bGPj9KnVNBk5EDnm3PF2-QzypkRKAulz22osVtVcQvH3S7dgK5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.identitytheory.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 693A 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttOU7dNhjsw7UXL-iet2xiVrm-SnjEr0G6XrGvo7FWflI2ADgb8AMeVcLP0S9bK8I4eUSc7bVsUm_lXNwCGLLDRGy1MV_D2MSWXi02YFtXDPytc6snUA&sai=AMfl-YTFFnDbYZuf0e0ICxWuVHMPe9EbEJXocmI0GnAip09p5ah6PrAR-oEcxNiNbSCAJiq__cfeLZXwEy32&sig=Cg0ArKJSzMndcvg_3_zBEAE&id=lidar2&mcvt=1000&p=0,0,576,288&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=4&adk=116873284&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637780737532&rpt=1207&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 19:05:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.identitytheory.com/	1970-01-20 16:27:32	Name: _ga Value: GA1.2.1792488379.1637780738
.identitytheory.com/	1970-01-19 22:57:47	Name: _gid Value: GA1.2.158720708.1637780738
.identitytheory.com/	1970-01-19 22:56:20	Name: _gat_gtag_UA_1236937_1 Value: 1
.identitytheory.com/	1970-01-20 08:17:56	Name: __gads Value: ID=19a7c73cfa1df406-22054dc1facb00d6:T=1637780737:RT=1637780737:S=ALNI_MaqTsiP7idFNuNunxMHVVm-xrVzUw
.doubleclick.net/	1970-01-20 08:17:56	Name: IDE Value: AHWqTUlZMdLn4kQaRUYKnAALcyUXiu4rnwuyiWKWFUHJeENequ-XTFyKB8-8Sl3YP40
.doubleclick.net/	1970-01-19 22:56:24	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.substack.com
googleads.g.doubleclick.net
identitytheory.substack.com
js.sentry-cdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
static.addtoany.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.identitytheory.com
142.250.186.34
2600:9000:2156:ee00:3:e0f8:540:93a1
2606:4700:10::ac43:2794
2606:4700::6812:1c9
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:830::2008
2a04:4e42:600::729
72.47.224.153
0072f2a89bd32697c990a647ce4577265131df2f7d089ecef8eb14d50abdfb36
015475a7b5df35448c9d13cbe1c846e957226ec0649313deebb8eaeb87b427c8
08e1a1804653a40807b052a402a6cb306e4a6d69e6873c6f8b001ad9b9672213
0b874b9bbce2585ad50ad2785944016bba223acea7af2c119859ff46eb7e0d42
0cab4c9d75157e94f60c58064c7cb98e546fdeb12073c199f43b1f133c76fffa
0ce2a532f1602d182dcf0397c670d09e57ca37751a01b63103e58627235a7bb5
0ff97ed05e007c08172990e1c8a51d29ebd0dc701d4c1b2f8eb8853a2516bb05
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3e8862b1c26d998749060c3538c2dd9ec7014c57a1ce80a909960c0a34572dee
420456792d1af932ac7051aa1e5524cf5d985eddc6fdc5141886836561d8a17b
4aed7a1805ecc2c10abdbecf7438129d56c862f8739b0bbf7a521c84cb740e7c
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5bbe3fc1b22e847e9b39b5e3d2e0a3a1d7bc3f0881af180e2a702aa3a4a10266
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
831935e8aa4bba4d4eff511afba7f8e81b5db713ce886b2ec2ba36fc31f3f6b3
89ccc81f8505be67f399224caed44a9d59ffb68ccc3cba002dbba94eefc8ed08
89d344b35209b4b022b6766d8a950255d67fdf2152b3ebda127234ede522a75a
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
99a743f00298ab590801378525381d09e4c35cbff29018f62ef46ef86d31232e
9e0e1cc1033e06373b849dceba1ecd81a7f49cb8ce93e03efd367f869a1da6b8
9fb357b1109a2c634411c29dd580489fe7a916d19d62a8a6a9faa2673e176862
a0862fb0e02d637f2efc1e78a79d6facf648830eedf701bce02c1c3f87d77f84
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab55eb48d5f551d97924050171edd273262c8d355651f6eb2c6438935c006e97
b7d68e21a7402d46ccf13e03c40ddd3b992cd60d73cc7df34cd880a8e51c55b2
c9d2fd8824014e0f3ea5ca0e65a3d1a1dfd6faf89cbc02b514e51101937e7404
cbdbf1dd472c6ee81a9f63ab83f0ad5578277a97a515accea566f136a15ecc49
d4c4434e72f63c8b879b2784258d21478cd7bbe62b317c11a85172410c95ccb6
dfc709f6908b7c9b6a383dc9661c1b04fb8e3de54899a4870ad5a039c130256b
e102e20a84a0c66e65f52ed969417ec7d0069c66507bca0380e35da58448bf92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02289a83a78e25e473f24c39a6d9ac2b78fd86e7db1ae515619307bbe9cb296
f31a7d2337a3e2f5d9eaa6ed36a4ee2b1bfaa41785c0b8322b1b636195d2dc25
fb0609979c7d34c9cc8d288346e0107c4ea164eaf62754ba82305d12c6a7d8ef

www.identitytheory.com Open in urlscan Pro 72.47.224.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

48 Requests

79 %HTTPS

86 %IPv6

12 Domains

15 Subdomains

15 IPs

2 Countries

1662 kBTransfer

3723 kBSize

6 Cookies

4 Outgoing links

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.identitytheory.com Open in urlscan Pro
72.47.224.153 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

79 %
HTTPS

86 %
IPv6

12
Domains

15
Subdomains

15
IPs

2
Countries

1662 kB
Transfer

3723 kB
Size

6
Cookies

48 HTTP transactions
1 data transactions