slidehunter.com Open in urlscan Pro
208.86.159.59 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Submission Tags: falconsandbox
Submission: On September 23 via api (September 23rd 2022, 9:09:26 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 20 domains to perform 95 HTTP transactions. The main IP is 208.86.159.59, located in United States and belongs to LIQUIDWEB, US. The main domain is slidehunter.com. The Cisco Umbrella rank of the primary domain is 747059.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 17th 2022. Valid for: 3 months.

This is the only time slidehunter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	208.86.159.59 208.86.159.59	32244 (LIQUIDWEB) (LIQUIDWEB)
8	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	18.66.147.27 18.66.147.27	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	52.167.85.21 52.167.85.21	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	3.67.235.152 3.67.235.152	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:da00:5:3aaa:f40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
95	30

5 208.86.159.59 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: slidehunter.com

slidehunter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

d7c2r9g9.rocketcdn.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-27.fra60.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

cdn.slidehunter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.180.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.167.85.21 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

i.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.67.235.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-235-152.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:da00:5:3aaa:f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	280 KB
17	gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com	464 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2282	107 KB
8	rocketcdn.me d7c2r9g9.rocketcdn.me — Cisco Umbrella Rank: 910138	106 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	37 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 557 i.clarity.ms — Cisco Umbrella Rank: 5269 c.clarity.ms — Cisco Umbrella Rank: 998	27 KB
6	slidehunter.com slidehunter.com — Cisco Umbrella Rank: 747059 cdn.slidehunter.com Failed	83 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	37 KB
3	pubguru.net a3.pubguru.net — Cisco Umbrella Rank: 18298	837 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	222 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081 www.google.de — Cisco Umbrella Rank: 6352	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128 partner.googleadservices.com — Cisco Umbrella Rank: 857	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	m2.ai m2d.m2.ai — Cisco Umbrella Rank: 18984	200 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	92 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 220	557 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	44 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 67	4 KB
1	pubguru.com cdn.pubguru.com — Cisco Umbrella Rank: 27057	4 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1075	41 KB
95	20

	Domain	Requested by
10	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	slidehunter.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	d7c2r9g9.rocketcdn.me	slidehunter.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net
6	encrypted-tbn3.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com
5	slidehunter.com	slidehunter.com
4	encrypted-tbn2.gstatic.com
4	www.google.com	1 redirects slidehunter.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	fundingchoicesmessages.google.com	cdn.pubguru.com
3	a3.pubguru.net	m2d.m2.ai
3	i.clarity.ms	www.clarity.ms
3	fonts.googleapis.com	slidehunter.com tpc.googlesyndication.com
2	encrypted-tbn1.gstatic.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	slidehunter.com
2	www.clarity.ms	d7c2r9g9.rocketcdn.me www.clarity.ms
2	connect.facebook.net	slidehunter.com connect.facebook.net
2	m2d.m2.ai	slidehunter.com m2d.m2.ai
2	www.googletagmanager.com	slidehunter.com www.googleoptimize.com
1	c.bing.com	1 redirects
1	www.googletagservices.com	googleads.g.doubleclick.net
1	lh3.googleusercontent.com	slidehunter.com
1	cdn.pubguru.com	m2d.m2.ai
1	www.google.de	slidehunter.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.slidehunter.com	slidehunter.com
1	www.googleoptimize.com	slidehunter.com
1	ajax.googleapis.com	slidehunter.com
95	32

This site contains links to these domains. Also see Links.

Domain
creativecommons.org

Subject Issuer	Validity	Valid
slidehunter.com cPanel, Inc. Certification Authority	`2022-09-17` - `2022-12-16`	3 months	crt.sh
*.rocketcdn.me R3	`2022-09-01` - `2022-11-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.m2.ai Amazon	`2021-11-08` - `2022-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
cdn.slidehunter.com R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.pubguru.net Amazon	`2022-04-26` - `2023-05-25`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Frame ID: E1B30DC5FFA8209C1E9B9D89BCA3928E
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
Frame ID: AA9C090D4E67AE3DE23CEAA0AA7F331B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198
Frame ID: 7771EE559FA0B4FCDBA841A415142F2C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&adk=1812271804&adf=3025194257&lmt=1663885665&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360148&bpp=2&bdt=490&idt=199&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&nras=1&correlator=5523286558348&frm=20&pv=1&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=205
Frame ID: 910C3A178100B956357C9DFF3AA79E3A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8EC2F1CF4B858A4621BDEEB46430152C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html
Frame ID: A0C9EAB66608E6376342EA9C3197E9A3
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2B8B7FC1E6CFF08AFF79ECFB44562DB8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A85AEE434A013A312AD26933405BE57C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E4B2ADA63BF6D7DE92F1E97188FFD5F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Free Christmas Tree PowerPoint Template - Free PowerPoint Templates - SlideHunter.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

96 %
HTTPS

73 %
IPv6

20
Domains

32
Subdomains

30
IPs

5
Countries

1655 kB
Transfer

4402 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://creativecommons.org/licenses/by/4.0/
Title: cc by 2.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&RedC=c.clarity.ms&MXFR=02C3F5BD22A662D20913E79526A66C48 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&MUID=2CAC46C7DA0B6BAE16CF54EFDB806AE9

95 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/ 70 KB
16 KB 382ms
117ms Document
text/html 208.86.159.59
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.86.159.59 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: slidehunter.com
Software: LiteSpeed /
Resource Hash: bd7b5ba5f5ca05566b8e36e6a394cc739963837f65137d56a2597f1921f7b656

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 21:09:19 GMT
expires: Fri, 23 Sep 2022 21:09:19 GMT
last-modified: Thu, 22 Sep 2022 22:27:45 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent

GET
H2 200 style.min.css
d7c2r9g9.rocketcdn.me/wp-includes/css/dist/block-library/ 81 KB
14 KB 91ms
12ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://d7c2r9g9.rocketcdn.me/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: gzip
etag: "1649216460"
last-modified: Wed, 06 Apr 2022 03:41:00 GMT
server: LiteSpeed
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1663967359.cds164.fr8.hn,1663967359.cds103.fr8.c
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public
accept-ranges: bytes
link: <https://slidehunter.com/wp-includes/css/dist/block-library/style.min.css>; rel="canonical"
content-length: 14159

GET
H2 200 rounded-thumbs.min.css
d7c2r9g9.rocketcdn.me/wp-content/plugins/contextual-related-posts/css/ 1 KB
660 B 94ms
15ms Stylesheet
text/css 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: gzip
etag: "1615898361"
last-modified: Tue, 16 Mar 2021 12:39:21 GMT
server: LiteSpeed
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1663967359.cds164.fr8.hn,1663967359.cds213.fr8.c
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public
accept-ranges: bytes
link: <https://slidehunter.com/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css>; rel="canonical"
content-length: 465

GET
H2 200 style.css
slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/ 8 KB
2 KB 115ms
114ms Stylesheet
text/css 208.86.159.59
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/style.css?ver=1661528875
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.86.159.59 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: slidehunter.com
Software: LiteSpeed /
Resource Hash: d080df38ba0758da4a4f11abb8c6023abe32618b8d2de407dee279a52fe8f617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
last-modified: Fri, 26 Aug 2022 15:47:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 2337
expires: Fri, 30 Sep 2022 21:09:19 GMT

GET
H2 200 style.css
slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/html/dist/css/ 197 KB
29 KB 115ms
115ms Stylesheet
text/css 208.86.159.59
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/html/dist/css/style.css?ver=1661528875
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.86.159.59 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: slidehunter.com
Software: LiteSpeed /
Resource Hash: f64a64e164298b326dcc7d841e9c7d85a837b3f052609c9b594b7095a4d3aa20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
last-modified: Fri, 26 Aug 2022 15:47:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 29506
expires: Fri, 30 Sep 2022 21:09:19 GMT

GET
H2 200 style-custom.css
slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/ 2 KB
688 B 227ms
226ms Stylesheet
text/css 208.86.159.59
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/style-custom.css?ver=1661528875
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.86.159.59 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: slidehunter.com
Software: LiteSpeed /
Resource Hash: 74cb272172d67bd02891ddf7170c6174651aff026c10bf7d15695b3f26c61050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
last-modified: Fri, 26 Aug 2022 15:47:55 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 654
expires: Fri, 30 Sep 2022 21:09:19 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 18:13:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 113ms
50ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-759729218

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f224c22fc2113d1a25ed14c9d07ad8054e8ac7135aad5064e59104a82edca68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46546
x-xss-protection: 0
expires: Fri, 23 Sep 2022 21:09:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
57 KB 149ms
69ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d95507de174be5f70b6ca64b4b17cfbb1d0cd1aa43ca365cec3bfeec561d8a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58105
x-xss-protection: 0
server: cafe
etag: 1084682763299374602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 21:09:20 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 104 KB
41 KB 69ms
24ms Script
application/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NXKTDKD

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

367137522c2ae868ac412d8850d61ffd18fd90d206e7ea7aeb36703b53dd9f79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41442
x-xss-protection: 0
expires: Fri, 23 Sep 2022 21:09:19 GMT

GET
H2 200 pghb.slidehunter.content.js Show response
m2d.m2.ai/ 93 KB
13 KB 84ms
14ms Script
application/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pghb.slidehunter.content.js
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c6f22c4188f531429838f206a8c17636e37ad9023239c52436c0b13fc886fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: i..rGabiiVokj18iATqWSzppjdQjukNE
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 08:03:10 GMT
server: AmazonS3
age: 479
etag: W/"6727874e87dbbc720412eb1d234e55c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: max-age=14400
date: Fri, 23 Sep 2022 21:09:20 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: rSFVU8NDzyHYFHuu0n3bxAdF3N6QPRX70othupsh_-dn1_jDNY3UOA==

GET
H2 200 lazyload.min.js Show response
d7c2r9g9.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 16ms
15ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: gzip
etag: "1646922685"
last-modified: Thu, 10 Mar 2022 14:31:25 GMT
server: LiteSpeed
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1663967359.cds164.fr8.hn,1663967359.cds246.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private
accept-ranges: bytes
link: <https://slidehunter.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js>; rel="canonical"
content-length: 3129

GET
H2 200 2824de349ed76e74c1165af9907da609.js Show response
d7c2r9g9.rocketcdn.me/wp-content/cache/min/1/ 98 KB
32 KB 16ms
15ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/cache/min/1/2824de349ed76e74c1165af9907da609.js
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 01626041106f7c68932a8b99532f298e568709f6bac6b01e6efe29242a239cd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: gzip
etag: "1661528367"
last-modified: Fri, 26 Aug 2022 15:39:27 GMT
server: LiteSpeed
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1663967359.cds164.fr8.hn,1663967359.cds166.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private
accept-ranges: bytes
link: <https://slidehunter.com/wp-content/cache/min/1/2824de349ed76e74c1165af9907da609.js>; rel="canonical"
content-length: 32173

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
1 KB 43ms
19ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&display=swap

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/wp-content/cache/min/1/wp-content/themes/slidehunter21/html/dist/css/style.css?ver=1661528875

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4b5d9bfb28d58cf9b63a0b7e011c55563c9403514406d942e7c3032618ea963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 21:09:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 21:09:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 21:09:19 GMT

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d7e49c48c09ff4f318dbcf81e5a2b38f6cf2d007f95d7978e913a8302f76d94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://slidehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 27710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 13:27:29 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2de5adf2717e6e6a537047bd7c0c7c20feb880f64536bc40c9e0286aff82139f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7794f7a828bfecd6edc7a9c041d7d84f5b19790696fb8b17e0bc4a4caa901cb8

Request headers

Referer
Origin: https://slidehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 27ms
10ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,600;1,300;1,400;1,500;1,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://slidehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:56:05 GMT
x-content-type-options: nosniff
age: 375194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 12:56:05 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ade02bc47eba82ee4d93a220a6b4c9afdb56f826eab6b220c7aa1757e8d32b6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a14ea03c678fe3a3ac453e1778b500e39bd693d46843141ad49536f0760012d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3f222865ea762194dab3dddd6ca4d12f2b7cd2a09f10bae9f33009f44d64d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 63ms
16ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: 5mefmxMKpGwISrwCqRF9w2/8NJ/05QL51GpMlgWgn7AQZVOVcCRfkbXcBFMUIKCu9NXaGF5pTCtUPBI3ZWvSdA==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 21:09:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 rating_over.png
slidehunter.com/wp-content/plugins/wp-postratings/images/stars_crystal/ 0
76 B 114ms
113ms Image
text/plain 208.86.159.59
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://slidehunter.com/wp-content/plugins/wp-postratings/images/stars_crystal/rating_over.png
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 208.86.159.59 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: slidehunter.com
Software: LiteSpeed /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
server: LiteSpeed
content-length: 0
vary: User-Agent,Accept-Encoding,User-Agent

GET
H2 200 pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js Show response
m2d.m2.ai/v/ 657 KB
187 KB 412ms
412ms Script
application/javascript 18.66.147.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/v/pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pghb.slidehunter.content.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89074d5f470adebeaebf5a8064d8963e9e5b55556ba4cb5f0d5a68756a7d9676

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:21 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 12:55:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: W/"636ff337c6a891ef5b76e90e3d4332f9"
vary: Accept-Encoding, Origin
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: max-age=14400
timing-allow-origin: *
x-amz-cf-id: 0Kh_ybvEfiaoWfGGM0syZicLQ5Zpy3_EMbJ5RrXWjnsZzvkiFBndkQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
46 KB 52ms
51ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-759729218&l=dataLayer&cx=c

Requested by

Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-NXKTDKD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e45d9a9db0c3709c6504705c8493899177fef0b06dcb2289aad6690269cae99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46593
x-xss-protection: 0
expires: Fri, 23 Sep 2022 21:09:20 GMT

GET
H2 200 56fifsk9q5 Show response
www.clarity.ms/tag/ 2 KB
2 KB 142ms
106ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56fifsk9q5
Requested by: Host: d7c2r9g9.rocketcdn.me
URL: https://d7c2r9g9.rocketcdn.me/wp-content/cache/min/1/2824de349ed76e74c1165af9907da609.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c8d99502cbd21e6709cd0ae1b1acd2f161d3cf2423d501ddab5c9616e6627b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
x-powered-by: ASP.NET
x-azure-ref: 0gCAuYwAAAACQPghIxuTORoTToNYkuSe8QU1TMDRFREdFMTkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 logo-slidehunter-1.svg
d7c2r9g9.rocketcdn.me/wp-content/themes/slidehunter21/html/dist/img/ 5 KB
2 KB 19ms
17ms Image
image/svg+xml 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/themes/slidehunter21/html/dist/img/logo-slidehunter-1.svg
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 84696810f710f2f70a4b1bc0d13bfc744f8f0442ebc54ee9be361071e8c9760d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
etag: "1601145950"
last-modified: Sat, 26 Sep 2020 18:45:50 GMT
server: LiteSpeed
x-powered-by: RocketCDN
vary: Accept-Encoding
x-hw: 1663967360.cds164.fr8.hn,1663967360.cds128.fr8.c
content-type: image/svg+xml
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=31536000,public
accept-ranges: bytes
link: <https://slidehunter.com/wp-content/themes/slidehunter21/html/dist/img/logo-slidehunter-1.svg>; rel="canonical"
content-length: 1897

GET
H2 200 pine-tree-powerpoint-free.jpg.webp
d7c2r9g9.rocketcdn.me/wp-content/uploads/ 10 KB
10 KB 484ms
482ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/uploads/pine-tree-powerpoint-free.jpg.webp
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: adda79ace8ea8c9b928dcb531ad924ef3cb39271763a8efef49bafbe2d6b07ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
last-modified: Fri, 25 Oct 2019 15:29:00 GMT
server: LiteSpeed
link: <https://slidehunter.com/wp-content/uploads/pine-tree-powerpoint-free.jpg.webp>; rel="canonical"
x-powered-by: RocketCDN
etag: "1572017340"
vary: Accept-Encoding
x-hw: 1663967360.cds164.fr8.hn,1663967360.cds205.fr8.sc,1663967360.cds205.fr8.p
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9960

GET
H2 200 christmas-tree-pine-powerpoint.jpg.webp
d7c2r9g9.rocketcdn.me/wp-content/uploads/ 19 KB
20 KB 487ms
485ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/uploads/christmas-tree-pine-powerpoint.jpg.webp
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 938f47440933849375e554690d920c6d6b5d30dec6c5d36d7e77acf17e2ed42e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
last-modified: Fri, 25 Oct 2019 15:27:31 GMT
server: LiteSpeed
link: <https://slidehunter.com/wp-content/uploads/christmas-tree-pine-powerpoint.jpg.webp>; rel="canonical"
x-powered-by: RocketCDN
etag: "1572017251"
vary: Accept-Encoding
x-hw: 1663967360.cds164.fr8.hn,1663967360.cds155.fr8.sc,1663967360.cds155.fr8.p
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 19830

GET
H2 200 happy-holidays-template-powerpoint.jpg.webp
d7c2r9g9.rocketcdn.me/wp-content/uploads/ 25 KB
25 KB 485ms
484ms Image
image/webp 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d7c2r9g9.rocketcdn.me/wp-content/uploads/happy-holidays-template-powerpoint.jpg.webp
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: LiteSpeed / RocketCDN
Resource Hash: 7a8616fce3d3377b2cda3d2b2ce76414de661706c4f71b7da8524cf65a372e9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
last-modified: Fri, 25 Oct 2019 15:28:22 GMT
server: LiteSpeed
link: <https://slidehunter.com/wp-content/uploads/happy-holidays-template-powerpoint.jpg.webp>; rel="canonical"
x-powered-by: RocketCDN
etag: "1572017302"
vary: Accept-Encoding
x-hw: 1663967360.cds164.fr8.hn,1663967360.cds007.fr8.sc,1663967360.cds007.fr8.p
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 25264

GET pm_300_250_red.jpg
cdn.slidehunter.com/ads/pm/ 0
0

GET
H2 200 sm-infographics-600x500.png
cdn.slidehunter.com/images/ 34 KB
35 KB 99ms
7ms Image
image/png 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.slidehunter.com/images/sm-infographics-600x500.png
Requested by: Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: b54744107cd0a10217215327b68dd596d957bbdc72fd136e725cc1752b769c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
last-modified: Sun, 25 Oct 2020 22:36:32 GMT
server: keycdn-engine
x-edge-location: defr
vary: Accept-Encoding,User-Agent
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=604800
accept-ranges: bytes
link: <https://slidehunter.com/images/sm-infographics-600x500.png>; rel="canonical"
content-length: 35324
expires: Fri, 30 Sep 2022 21:09:20 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 125ms
45ms Script
text/javascript 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-759729218

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

cafe /

Resource Hash

7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15697
x-xss-protection: 0
server: cafe
etag: 1764007376392519731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 21:09:20 GMT

GET
H3 200 255503505829247 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 171ms
154ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/255503505829247?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b4474f7b0514253b202f1fc5a15413084f9be41014294a3cc677b06b5f7bd9ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: wvbW4tXC8YHL/NpDfekzvH3K84DdR1rYaowZZnbQh6aSF2SeXTggFANXOis9E0PIFVIWZ/RpBnJM859wCvZJVQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 21:09:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/ 347 KB
122 KB 110ms
66ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3801513653062757&plah=slidehunter.com&bust=31069740

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cfc4852e816fc58db0794cb531a792c0235083f0a301f6f329bb91ac971f22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125276
x-xss-protection: 0
server: cafe
etag: 16507116194035235797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 21:09:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/ Frame AA9C 10 KB
5 KB 36ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26654
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 13:45:06 GMT
etag: 9671129459699598864
expires: Fri, 07 Oct 2022 13:45:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-c/s/0.6.41/ 54 KB
23 KB 102ms
102ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-c/s/0.6.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56fifsk9q5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:19 GMT
content-encoding: br
etag: "1d8ccdebe9ad570"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0gCAuYwAAAACCpXcYo0QkR4nBLL3b+I7dQU1TMDRFREdFMTkyMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/759729218/ 2 KB
1 KB 76ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/759729218/?random=1663967360223&cv=9&fst=1663967360223&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&tiba=Free%20Free%20Christmas%20Tree%20PowerPoint%20Template%20-%20Free%20PowerPoint%20Templates%20-%20SlideHunter.com&auid=82488897.1663967360&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49a47e81f8636a0ed7cfff28cdf696321cb48abe7b7a3bd74ae5e2d7744cc025

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1087
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 119ms
43ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=slidehunter.com&callback=_gfp_s_&client=ca-pub-3801513653062757

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3801513653062757&plah=slidehunter.com&bust=31069740

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

3716aa82bcd7c2b15845af321bc0a0efac2885d16fbadbbd8609dfd332234056

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 103ms
43ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=slidehunter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=slidehunter.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7771 96 KB
31 KB 1045ms
1045ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea9e4dc894feb258772ebf4de63a1f5ad9a182282082b576f9ade071198a6f0b

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCpubvpq_oCFaWQJwId1P4FXA&gqi=gCAuY-eDFPvinsEP852TyAI&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31970
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCpubvpq_oCFaWQJwId1P4FXA&gqi=gCAuY-eDFPvinsEP852TyAI&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 21:09:21 GMT
expires: Fri, 23 Sep 2022 21:09:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 910C 0
20 B 119ms
119ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&adk=1812271804&adf=3025194257&lmt=1663885665&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360148&bpp=2&bdt=490&idt=199&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&prev_fmts=730x280&nras=1&correlator=5523286558348&frm=20&pv=1&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 21:09:20 GMT
expires: Fri, 23 Sep 2022 21:09:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 29ms
9ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=255503505829247&ev=PageView&dl=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&rl=&if=false&ts=1663967360367&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663967360366.1101449202&it=1663967360105&coo=false&rqm=GET

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 21:09:20 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/759729218/ 42 B
548 B 52ms
22ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/759729218/?random=1663967360223&cv=9&fst=1663966800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&tiba=Free%20Free%20Christmas%20Tree%20PowerPoint%20Template%20-%20Free%20PowerPoint%20Templates%20-%20SlideHunter.com&async=1&fmt=3&is_vtc=1&random=1621135739&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/759729218/ 42 B
548 B 53ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/759729218/?random=1663967360223&cv=9&fst=1663966800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&tiba=Free%20Free%20Christmas%20Tree%20PowerPoint%20Template%20-%20Free%20PowerPoint%20Templates%20-%20SlideHunter.com&async=1&fmt=3&is_vtc=1&random=1621135739&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
175 B 435ms
208ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.41/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://slidehunter.com
date: Fri, 23 Sep 2022 21:09:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H2 200 / Show response
a3.pubguru.net/ 136 B
459 B 45ms
12ms XHR
application/json 3.67.235.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&domain=slidehunter.com

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.235.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-235-152.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

59ac00033d6e98240ed397f83a66e106a576b7c091a402063ef808bd52a5d902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
referrer-policy: same-origin
server: Apache/2.4.29 (Ubuntu)
cross-origin-opener-policy: same-origin
access-control-allow-origin: https://slidehunter.com
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 3
vary: Origin
content-length: 136
x-content-type-options: nosniff

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
378 B 12ms
11ms XHR
text/plain 3.67.235.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.67.235.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-67-235-152.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
referrer-policy: same-origin
server: Apache/2.4.29 (Ubuntu)
cross-origin-opener-policy: same-origin
access-control-allow-origin: https://slidehunter.com
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 2
vary: Origin,Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 gfc.js Show response
cdn.pubguru.com/ 8 KB
4 KB 72ms
7ms Script
application/javascript 2600:9000:2057:da00:5:3aaa:f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/gfc.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:da00:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 1zDVHlGcx640ZLzoe7igwdx1_E7DY9Fe
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 11:40:16 GMT
server: AmazonS3
age: 4974
etag: W/"c1441c4083795f70984ad8988cab61ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
date: Fri, 23 Sep 2022 19:46:27 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 23T-x3bLN6zIZb2McEl-ptMO7auj1EWdT5xjJJP7Sv4RAt5BK9J7RA==

GET
H2 200 AGSKWxWYuWfn_AZ-3neWpwGnmAMGrXGm-OhEeEhLdAn3X6Y6jG5ECbK56SGAOzxESP6AJXg19p-5LQVEkhV4JMb7UdQ= Show response
fundingchoicesmessages.google.com/f/ 104 KB
37 KB 127ms
91ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWYuWfn_AZ-3neWpwGnmAMGrXGm-OhEeEhLdAn3X6Y6jG5ECbK56SGAOzxESP6AJXg19p-5LQVEkhV4JMb7UdQ=

Requested by

Host: cdn.pubguru.com
URL: https://cdn.pubguru.com/gfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d835a887e9bba3d67e6ea729b9eafcacbc1e3754da349f014d4b18dc3f890ce3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EJ3QdZgIGpo4sugmQIBQUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-EJ3QdZgIGpo4sugmQIBQUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 8EC2 0
18 B 21ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://slidehunter.com
Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://slidehunter.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 21:09:20 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 AGSKWxUF0VGMXbO4GnE6dNbnJdZNqYWM3JbC15d_4FUGAdMrpjepg6Irkt0O6KI_8gXkkth9QcmPvYAJCjhdUG9_-hM= Show response
fundingchoicesmessages.google.com/f/ 501 KB
69 KB 136ms
118ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUF0VGMXbO4GnE6dNbnJdZNqYWM3JbC15d_4FUGAdMrpjepg6Irkt0O6KI_8gXkkth9QcmPvYAJCjhdUG9_-hM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjYzOTY3MzYwLDk1MDAwMDAwMF0sIjAwMDAwRUVELUJDM0MtNDNDQi1COTg0LUFEMkMyRjg3MzA1RCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vc2xpZGVodW50ZXIuY29tL3Bvd2VycG9pbnQtdGVtcGxhdGVzL2ZyZWUtY2hyaXN0bWFzLXRyZWUtcG93ZXJwb2ludC10ZW1wbGF0ZS8iLG51bGwsW1s4LCJIZUxLczdPU1ZuUSJdLFs5LCJkZSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d75cb9ac43cd239742ffc8390ef3ce0ba71283c4247f337869d58bbee7cdd353

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l9y93oS1uaaoJ3fN5WZCtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l9y93oS1uaaoJ3fN5WZCtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 21:09:21 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stream
a3.pubguru.net/ 0
0 26ms
10ms Ping
text/plain 3.67.235.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/v/pg-220817-e47-nc-66c5ecac010055de63cafc299636cb4a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.235.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-235-152.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 css
fonts.googleapis.com/ 60 KB
4 KB 40ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.HeLKs7OSVnQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwBLk6619v5WoRCnR3zCq7ycanAFg/m=web_iab_tcf_v2_wall_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8012c9c4412282dd51a5679b6999125acb99f2f168e9311a67fc0cd7cf945b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 21:09:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 21:09:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 21:09:21 GMT

GET
H2 200 snGzbRhOgL7N6bjyfuHgIs4FlffaF4PYiQ0EbZlTa1dFqbfgAgsvtZ-ZsFPGDs5ci7lKhwPKb9zlRFVTADYWpy1AV8CoTNkXtwWApjxI9HzEvh2cwGJr=h60
lh3.googleusercontent.com/ 3 KB
4 KB 34ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/snGzbRhOgL7N6bjyfuHgIs4FlffaF4PYiQ0EbZlTa1dFqbfgAgsvtZ-ZsFPGDs5ci7lKhwPKb9zlRFVTADYWpy1AV8CoTNkXtwWApjxI9HzEvh2cwGJr=h60

Requested by

Host: slidehunter.com
URL: https://slidehunter.com/powerpoint-templates/free-christmas-tree-powerpoint-template/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

541e33eb6570f2c921a23e27b75daf8b40a1e155da3178291d891454ff7fa7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 18:43:28 GMT
x-content-type-options: nosniff
age: 8753
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3457
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 14 Jul 2022 16:47:50 GMT

POST
H3 204 AGSKWxV43Pupj2hoRV3ciHm0OvEOKqRZlzTKjJ1lJMU-R816bxBA8gsl2vKRWawQuh3Nk2WUABjvel0Gq3ucUbWqD815dhXYCQl_O8zhZ4N5Ew3Wixg4XKYNUlxSk_gn0IimGipS6XdahQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 41ms
23ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxV43Pupj2hoRV3ciHm0OvEOKqRZlzTKjJ1lJMU-R816bxBA8gsl2vKRWawQuh3Nk2WUABjvel0Gq3ucUbWqD815dhXYCQl_O8zhZ4N5Ew3Wixg4XKYNUlxSk_gn0IimGipS6XdahQ==?dmid=a0ab541b8605666d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PU4c2puhEQEDCdfG_iIXMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 23 Sep 2022 21:09:21 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: https://slidehunter.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-PU4c2puhEQEDCdfG_iIXMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
125 KB 47ms
23ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://slidehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:33:24 GMT
x-content-type-options: nosniff
age: 88557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 20:33:24 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 34ms
18ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://slidehunter.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 353937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Sep 2023 18:50:24 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame A0C9 105 KB
27 KB 49ms
9ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 73723
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26541
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 00:40:38 GMT
expires: Sat, 23 Sep 2023 00:40:38 GMT
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7771 0
0 56ms
56ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMeMDgCAuY8DpFKWhnsEP1P2X4AXzqcyrbMzG3IOIELLqk7TvMBABINX13gtglYKAgJQHoAHm7fjCAcgBCakCWaIGyT1HsD6oAwGqBJUCT9CJKdkPus3VL6Q3QV38Ann86g3wCChKT1UUcfxNZE66XhsCCAZARQvpM6LOQx-emeD3kq87emiahEOo72RSOj5RnF4am2eDPKx7p17OuK16TpVhj_OTf38JZqHXG0Al-qA7C0Wbo_ECsIyXVBis_1D25ehGrHLucGu9fF22Z7lhhM8SW2Kg-63uP4fXOHDO0EWWKVjcT4O6ytqlEGJSU4j2SD9rkKfHyLw_T1PyCkDTVQrdg_hLyMyFsS7Kg1PeiNi5wckcPawt9M3Dw5FjoVF_QKtYJ6yo87r3MFXzVNx5VebE7xM2XBRScdUHnqy2R6YoWuTkIrgbx-tGFLeiETswoKYT3xHFMaJTVuPMhdWmGBBPT8AE3drNo_QDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBmuAB4Otpt4CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcFENSxzwHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0zODAxNTEzNjUzMDYyNzU3GAA&sigh=JtfBXK4UsA0&uach_m=[UACH]&template_id=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 23 Sep 2022 21:09:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B8B 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 20:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 7771 3 KB
1 KB 46ms
9ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 20:57:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 20:57:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/ Frame 7771 17 KB
8 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220921/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 21:00:27 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 7771 0
20 B 98ms
56ms Other
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMCpubvpq_oCFaWQJwId1P4FXA&gqi=gCAuY-eDFPvinsEP852TyAI&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2B8B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

44ms
44ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 21:09:21 GMT
expires: Fri, 23 Sep 2022 21:09:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 21:09:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7771 0
0 15ms
14ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQH-7iXKktnT-wDpieMvEJ2qwEo5vVw19kZf-mQbVcxaqRC82dLDT548AVeM6f515VsgxL-07N1u3E9drPbCm9tPNKzug
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7771 140 KB
44 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44525
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663760195623328"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 21:09:21 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A0C9 4 KB
664 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 20:20:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 23 Sep 2022 21:09:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Sep 2022 21:09:21 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A0C9 16 KB
6 KB 35ms
10ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Sep 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A0C9 33 KB
13 KB 37ms
11ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13228
x-xss-protection: 0
server: cafe
etag: 10485928763175976200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 24 Sep 2022 09:36:20 GMT

GET
DATA 200
OK truncated
/ Frame 7771 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36f1885aaf8ef002907fa65ed994817aa20f0e07cf405892eecb368174f1996

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect Show response
i.clarity.ms/ 0
25 B 198ms
197ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.41/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://slidehunter.com
date: Fri, 23 Sep 2022 21:09:20 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame A0C9 30 KB
30 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 150301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 03:24:20 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&RedC=c.clarity.ms&MXFR=02C3F5BD22A662D20913E79526A66C48
https://c.clarity.ms/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&MUID=2CAC46C7DA0B6BAE16CF54EFDB806AE9

42 B
369 B

28ms
28ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&MUID=2CAC46C7DA0B6BAE16CF54EFDB806AE9
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:21 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8d3298b0aac7d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:21 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F4C0A55A2224D0F9A2A222FC8C5E72C Ref B: FRA31EDGE0519 Ref C: 2022-09-23T21:09:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=DB77920E4B774F4BBE817C36CAE917D7&MUID=2CAC46C7DA0B6BAE16CF54EFDB806AE9
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 54ms
54ms XHR
application/json 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220921&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90dd85446ff0d415927f948e597056cf30e9f5508f0dfc5b152bba2e6aacd92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 21:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11224
x-xss-protection: 0

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame A0C9 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 75303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 23 Sep 2022 00:14:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 00:14:18 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A0C9 29 KB
30 KB 95ms
20ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:55:02 GMT
x-content-type-options: nosniff
age: 393259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 07:55:02 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 10 KB
10 KB 56ms
17ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 218331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Sep 2023 08:30:30 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 39 KB
40 KB 49ms
10ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQwpQ4nE8MREjHIoS5JpKVK8miXB1DYqQUlGNzUlHy6G1uAtiqe&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aecce615b509a0f9b271c6e7da81c6d5eeb1ba342349ec110263189d7b9ee38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:53:58 GMT
x-content-type-options: nosniff
age: 389723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 08:53:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame A0C9 9 KB
10 KB 114ms
40ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:38:08 GMT
x-content-type-options: nosniff
age: 297073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 10:38:08 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 10 KB
10 KB 58ms
20ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJ8qmQh3y8IpLlm2WGnh3kBs2zKuJOHdXISKTA1U5zFBsHPso&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:43:14 GMT
x-content-type-options: nosniff
age: 33967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10411
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 23 Sep 2023 11:43:14 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame A0C9 17 KB
18 KB 48ms
10ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:11:29 GMT
x-content-type-options: nosniff
age: 482272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 07:11:29 GMT

GET
DATA 200
OK truncated
/ Frame A0C9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 21:09:21 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame A0C9 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 75303
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 23 Sep 2022 00:14:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 00:14:18 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame A0C9 17 KB
17 KB 29ms
8ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 07:11:29 GMT
x-content-type-options: nosniff
age: 482272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 18 Sep 2023 07:11:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A85A 13 KB
5 KB 14ms
12ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 19:07:31 GMT
expires: Sat, 23 Sep 2023 19:07:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E4B2 783 B
534 B 21ms
20ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eaa18126398906eff65177c34f4f9b911b83e7fe4e9296a925c5a5b9257c4455

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Qnr8X15dDcWBv8eygaPkTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://slidehunter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Qnr8X15dDcWBv8eygaPkTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 21:09:21 GMT
expires: Fri, 23 Sep 2022 21:09:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 10 KB
10 KB 31ms
15ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQJ8qmQh3y8IpLlm2WGnh3kBs2zKuJOHdXISKTA1U5zFBsHPso&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 11:43:14 GMT
x-content-type-options: nosniff
age: 33967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10411
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:07 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 23 Sep 2023 11:43:14 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 39 KB
39 KB 25ms
10ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQwpQ4nE8MREjHIoS5JpKVK8miXB1DYqQUlGNzUlHy6G1uAtiqe&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aecce615b509a0f9b271c6e7da81c6d5eeb1ba342349ec110263189d7b9ee38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 08:53:58 GMT
x-content-type-options: nosniff
age: 389723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 08:53:58 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame A0C9 10 KB
10 KB 23ms
8ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:30:30 GMT
x-content-type-options: nosniff
age: 218331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 21 Sep 2023 08:30:30 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame A0C9 9 KB
10 KB 65ms
22ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 10:38:08 GMT
x-content-type-options: nosniff
age: 297073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 20 Sep 2023 10:38:08 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame A0C9 29 KB
29 KB 65ms
23ms Image
image/jpeg 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 07:55:02 GMT
x-content-type-options: nosniff
age: 393259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 19 Sep 2023 07:55:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E4B2 0
0 52ms
51ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220921&jk=3736787093018005&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js Show response
pagead2.googlesyndication.com/bg/ Frame A85A 36 KB
16 KB 20ms
19ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D52GskfJOxf5PECSshYwDvZZSmyyoPi_bK3LssDxWko.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 00:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15913
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 00:46:01 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A85A 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?y9oacw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 21:09:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220921&jk=3736787093018005&bg=!0NOl05fNAAYIxsuQKMY7ACkAdvg8WpozTfVThi5-JH4EQ6AeKIEP-i7OjTlEGqp_9d1W3aEUJIuxHwIAAAB6UgAAAAJoAQcKACp6jx2nMztci7R5ottpGbjbjxwiuY7agavz1ybhUmcEuAvDnagfOTGJX0OZAqCHhipzmKGWGTmkp3pxWCJoFXnyJf6iTjD1r1yKtZLjc9kVeHi8rQipS2cprh56J-_NWm3TQYmj032c6CEica8UamCwPr786NsCD9t3x2H448exfrecDk2bp11EHLXa4oDM8BK7Sc2YlA7L6npHzCcKqP-3REpzk0Y_htuVjiVuMSdjNFXZKVYzmu4qyArtt4WKrhutfFkGenJI_KWaNHECnu77oC0NpOH2KG7QiBXTcPfIDyrHXHNeY0jkspNz2SdYAYtL0cg3ewj-TXyRRUXK6KnlXeH-mN9KslnHDMX6GT9M_T6cR7cBwocCBDrqrrsENqg_kUH4ykddrBp-ANrKkkEyyp2eTb90-3Bn99ZMlWcNtiPrOvygbslMoB7T2qCrOeLn30Go5tdCKsH8FeI5X8QJLHEoJscOuxrs2xGrGj2hysMeVQThRUYhmymO0_c7yhXJveR2eooYLgr6Zt31Qr5kO-5dNLKlRniRtsFLdj365fAepzsuimbEm5g89NTGxS5kURK2HCLfqr8xCF6BkS7QPRJRyziqOEY5Ol6VApJyXbtfFAXvHZ9hoD1Q47HTYCzOgDzEc9lgsbXgMuTU2cM8XeU1fW_VZjgIqjyrb_mCMii8laTObwh0buD4W-KtBV0zFrnqJycn82TmHXlfjlYAjECWUI3NeyFSX-AjyDLy2Y0OKTyyZhxcdOyeI9JyPabEVyvL5nx_LZ_DH3OkXboaw0ILNYRdzhzgbS5pjZ95gb5HSZq5BGfwUBynOnX5pWU7YMT1xZW-STveKw4veQppYaL1mse0vg7qbUA6utXuRgHYBTHTpFZsDJ23i8JvXJK07hL8b1W4LO6kcBx3ZkZXXzuGdHyZ3gtrEalVOcG79WtVW73ZyOwMRjySFrc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://slidehunter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7771 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu44wDmOjFznc7zvzxCgZvEDvMdy-OTzle1JmX_n3gbZaF7b-BGcAu1sS7JEmOskqTx4OM5mKiW6LEJeeSGEZ3eAfQW5tiQ4e9m6zpGWwSQwo26UkU5vaMfW4BlHKoMoSUBsVYkhg&sai=AMfl-YRu9km__BoKONV5zoAx0pFF3oVhvx5Vs71fD3D1Eyn6Z2Nw2oVILVRlf6RgT4slQ-F7kJmYK6UMQjI9lEo4SJw9-hWoFcipoeQ&sig=Cg0ArKJSzB09v3VGGriPEAE&cid=CAASF-RoO3BIfDIB4RVA4ODXorRvqkqg-Lay&id=lidar2&mcvt=1000&p=0,0,280,730&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220921&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2909921975&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663967360331&rpt=1249&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 21:09:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
i.clarity.ms/ 0
48 B 1088ms
418ms XHR
text/plain 52.167.85.21
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.6.41/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://slidehunter.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://slidehunter.com
date: Fri, 23 Sep 2022 21:09:23 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.slidehunter.com
URL: https://cdn.slidehunter.com/ads/pm/pm_300_250_red.jpg

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
slidehunter.com/	1970-01-20 06:12:50	Name: pg_buildfile Value: 220817-e47-nc-66c5ecac010055de63cafc299636cb4a
slidehunter.com/	1970-01-20 06:14:13	Name: pg_unq_cohort_key Value: 1:2209151647
.slidehunter.com/	1970-01-20 08:22:23	Name: _gcl_au Value: 1.1.82488897.1663967360
www.clarity.ms/	1970-01-20 14:58:23	Name: CLID Value: aacef889987b49febaa859cb1bd87691.20220923.20230923
.slidehunter.com/	1970-01-20 08:22:23	Name: _fbp Value: fb.1.1663967360366.1101449202
.slidehunter.com/	1970-01-20 14:58:23	Name: _clck Value: q74z1j\|1\|f54\|0
.slidehunter.com/	1970-01-20 15:34:23	Name: __gads Value: ID=f4afb85aa4eec57b-22817b7f2cce009c:T=1663967360:RT=1663967360:S=ALNI_MaI4n_mO3lcJ94heG-CQFMHJdUnpA
slidehunter.com/	1970-01-20 06:12:50	Name: pg_floor_requested Value: 1
slidehunter.com/	1970-01-20 06:12:50	Name: pg_session_depth Value: 1
slidehunter.com/	1970-01-20 06:14:13	Name: pg_preconnecting Value: enabled
slidehunter.com/	1970-01-20 06:14:13	Name: pg_geo_response_time Value: 91
slidehunter.com/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"DE","region":"NI","ip":"81.95.5.41"}
slidehunter.com/	1970-01-20 06:55:59	Name: pg_custom_timeout Value:
slidehunter.com/	1970-01-20 06:55:59	Name: pg_ip Value: 81.95.5.41
slidehunter.com/	1970-01-20 06:13:08	Name: pg_dynamic_floor_expiry Value: 6
slidehunter.com/	1970-01-20 06:14:13	Name: pg_after_init_response_time Value: 32
.slidehunter.com/	1970-01-20 06:14:13	Name: _clsk Value: 1bu9xvd\|1663967360953\|1\|1\|i.clarity.ms/collect
slidehunter.com/	1970-01-20 06:55:59	Name: pg_beacon Value: 1
.doubleclick.net/	1970-01-20 15:34:23	Name: IDE Value: AHWqTUlt6ZQmVV4U6mjcSNxuw8-ae8PWBjZChFH8oQk8stCwvUXa38vT3DUpySc2xSQ
.doubleclick.net/	1970-01-20 06:12:50	Name: DSID Value: NO_DATA
.c.bing.com/	1970-01-20 15:34:23	Name: SRM_B Value: 2CAC46C7DA0B6BAE16CF54EFDB806AE9
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:34:23	Name: MUID Value: 2CAC46C7DA0B6BAE16CF54EFDB806AE9
.c.clarity.ms/	1970-01-20 06:12:47	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1838989884782542848/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3801513653062757&output=html&h=280&slotname=8212914822&adk=2909921975&adf=1043678991&pi=t.ma~as.8212914822&w=730&fwrn=4&fwrnh=100&lmt=1663885665&rafmt=1&psa=0&format=730x280&url=https%3A%2F%2Fslidehunter.com%2Fpowerpoint-templates%2Ffree-christmas-tree-powerpoint-template%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663967360131&bpp=5&bdt=473&idt=179&shv=r20220921&mjsv=m202209200101&ptt=9&saldr=aa&abxe=1&correlator=5523286558348&frm=20&pv=2&ga_vid=83347994.1663967360&ga_sid=1663967360&ga_hid=1169717550&ga_fc=0&ga_wpids=pub-5030761324252298&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31069740&oid=2&pvsid=3736787093018005&tmod=264203228&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=oScLnHvlup&p=https%3A//slidehunter.com&dtd=198 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/1838989884782542848/index.html".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
c.bing.com
c.clarity.ms
cdn.pubguru.com
cdn.slidehunter.com
connect.facebook.net
d7c2r9g9.rocketcdn.me
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
i.clarity.ms
lh3.googleusercontent.com
m2d.m2.ai
pagead2.googlesyndication.com
partner.googleadservices.com
slidehunter.com
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
cdn.slidehunter.com
142.250.180.194
142.251.39.34
151.139.128.11
18.66.147.27
20.234.93.27
208.86.159.59
2600:9000:2057:da00:5:3aaa:f40:93a1
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:800::2004
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400d:807::2008
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2002
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f12d:83:face:b00c:0:25de
2a0b:4d07:101::1
3.67.235.152
52.167.85.21
01626041106f7c68932a8b99532f298e568709f6bac6b01e6efe29242a239cd7
027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010
0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70
0f9d86b247c93b17f93c4092b216300ef6594a6cb2a0f8bf6cadcbb2c0f15a4a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
2de5adf2717e6e6a537047bd7c0c7c20feb880f64536bc40c9e0286aff82139f
367137522c2ae868ac412d8850d61ffd18fd90d206e7ea7aeb36703b53dd9f79
3716aa82bcd7c2b15845af321bc0a0efac2885d16fbadbbd8609dfd332234056
43c6f22c4188f531429838f206a8c17636e37ad9023239c52436c0b13fc886fc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49a47e81f8636a0ed7cfff28cdf696321cb48abe7b7a3bd74ae5e2d7744cc025
522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9
541e33eb6570f2c921a23e27b75daf8b40a1e155da3178291d891454ff7fa7fc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59ac00033d6e98240ed397f83a66e106a576b7c091a402063ef808bd52a5d902
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61b9926e5d52c52c383c00d7e52f2c491b15e7cfd715373b53571632a7459517
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
74cb272172d67bd02891ddf7170c6174651aff026c10bf7d15695b3f26c61050
7794f7a828bfecd6edc7a9c041d7d84f5b19790696fb8b17e0bc4a4caa901cb8
7a8616fce3d3377b2cda3d2b2ce76414de661706c4f71b7da8524cf65a372e9a
7aecce615b509a0f9b271c6e7da81c6d5eeb1ba342349ec110263189d7b9ee38
7bcbe327243628310e84027b85bca98a20d208f66f64685d979c6ccfa587d2d2
8012c9c4412282dd51a5679b6999125acb99f2f168e9311a67fc0cd7cf945b25
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84696810f710f2f70a4b1bc0d13bfc744f8f0442ebc54ee9be361071e8c9760d
86453ecc16f6b785226ee9203819ea6bc46dc79171c51ed9605e3e2662281704
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621
89074d5f470adebeaebf5a8064d8963e9e5b55556ba4cb5f0d5a68756a7d9676
8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8d7e49c48c09ff4f318dbcf81e5a2b38f6cf2d007f95d7978e913a8302f76d94
90dd85446ff0d415927f948e597056cf30e9f5508f0dfc5b152bba2e6aacd92e
938f47440933849375e554690d920c6d6b5d30dec6c5d36d7e77acf17e2ed42e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cfc4852e816fc58db0794cb531a792c0235083f0a301f6f329bb91ac971f22e
9e45d9a9db0c3709c6504705c8493899177fef0b06dcb2289aad6690269cae99
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14ea03c678fe3a3ac453e1778b500e39bd693d46843141ad49536f0760012d2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
adda79ace8ea8c9b928dcb531ad924ef3cb39271763a8efef49bafbe2d6b07ee
ade02bc47eba82ee4d93a220a6b4c9afdb56f826eab6b220c7aa1757e8d32b6c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4474f7b0514253b202f1fc5a15413084f9be41014294a3cc677b06b5f7bd9ce
b54744107cd0a10217215327b68dd596d957bbdc72fd136e725cc1752b769c6a
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bd7b5ba5f5ca05566b8e36e6a394cc739963837f65137d56a2597f1921f7b656
bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b
c36f1885aaf8ef002907fa65ed994817aa20f0e07cf405892eecb368174f1996
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c3f222865ea762194dab3dddd6ca4d12f2b7cd2a09f10bae9f33009f44d64d8d
c4b5d9bfb28d58cf9b63a0b7e011c55563c9403514406d942e7c3032618ea963
c8d99502cbd21e6709cd0ae1b1acd2f161d3cf2423d501ddab5c9616e6627b28
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d080df38ba0758da4a4f11abb8c6023abe32618b8d2de407dee279a52fe8f617
d75cb9ac43cd239742ffc8390ef3ce0ba71283c4247f337869d58bbee7cdd353
d835a887e9bba3d67e6ea729b9eafcacbc1e3754da349f014d4b18dc3f890ce3
d862ec0d2b72e9f1575615db28f4196cbf0f586adb2208c605c691d6e06ee6ed
d95507de174be5f70b6ca64b4b17cfbb1d0cd1aa43ca365cec3bfeec561d8a5a
e06996d9eff7b6a6fe44e35248366b91be97cc7021a7e34bd00fa11c3e587704
e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea9e4dc894feb258772ebf4de63a1f5ad9a182282082b576f9ade071198a6f0b
eaa18126398906eff65177c34f4f9b911b83e7fe4e9296a925c5a5b9257c4455
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f224c22fc2113d1a25ed14c9d07ad8054e8ac7135aad5064e59104a82edca68d
f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96
f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4
f64a64e164298b326dcc7d841e9c7d85a837b3f052609c9b594b7095a4d3aa20
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

slidehunter.com Open in urlscan Pro 208.86.159.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

96 %HTTPS

73 %IPv6

20 Domains

32 Subdomains

30 IPs

5 Countries

1655 kBTransfer

4402 kBSize

24 Cookies

1 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

slidehunter.com Open in urlscan Pro
208.86.159.59 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

96 %
HTTPS

73 %
IPv6

20
Domains

32
Subdomains

30
IPs

5
Countries

1655 kB
Transfer

4402 kB
Size

24
Cookies

95 HTTP transactions
7 data transactions