www.marlowreview.com Open in urlscan Pro
104.154.203.214 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.marlowreview.com/articles/7586/view
Submission: On December 17 via api (December 17th 2021, 7:45:52 am UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 25 domains to perform 130 HTTP transactions. The main IP is 104.154.203.214, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.marlowreview.com.
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.

This is the only time www.marlowreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	104.154.203.214 104.154.203.214	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	52.217.227.40 52.217.227.40	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:803::2008	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2606:4700:303... 2606:4700:3034::ac43:c16a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.211.165.117 54.211.165.117	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	93.184.220.42 93.184.220.42	15133 (EDGECAST) (EDGECAST)
3	2606:4700:303... 2606:4700:3037::ac43:a12f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	34.96.127.16 34.96.127.16	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:2bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	130.211.34.183 130.211.34.183	15169 (GOOGLE) (GOOGLE)
130	31

11 104.154.203.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.203.154.104.bc.googleusercontent.com

www.marlowreview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.mr-production.lcp-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.217.227.40 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:803::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3034::ac43:c16a (United States)

ASN13335 (CLOUDFLARENET, US)

weatherwidget.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.165.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-165-117.compute-1.amazonaws.com

api.airbrake.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:a12f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.127.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.127.96.34.bc.googleusercontent.com

knrpc.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2bd (United States)

ASN13335 (CLOUDFLARENET, US)

forecast7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.183 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	329 KB
18	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net	748 KB
13	olark.com static.olark.com knrpc.olark.com api.olark.com log.olark.com	434 KB
10	amazonaws.com s3.amazonaws.com	87 KB
9	weatherwidget.io weatherwidget.io	75 KB
8	lcp-news.com assets.mr-production.lcp-news.com	3 MB
7	ampproject.org cdn.ampproject.org	126 KB
4	facebook.com www.facebook.com	474 B
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	facebook.net connect.facebook.net	197 KB
4	fontawesome.com kit.fontawesome.com ka-f.fontawesome.com	24 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	marlowreview.com www.marlowreview.com	144 KB
2	googletagservices.com www.googletagservices.com	74 KB
2	google.de adservice.google.de www.google.de	1 KB
2	jsdelivr.net cdn.jsdelivr.net	26 KB
1	mixpanel.com api-js.mixpanel.com	375 B
1	nr-data.net bam.nr-data.net	322 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	gstatic.com www.gstatic.com	12 KB
1	forecast7.com forecast7.com	2 KB
1	googleadservices.com partner.googleadservices.com	653 B
1	airbrake.io api.airbrake.io	488 B
1	mxpnl.com cdn.mxpnl.com	25 KB
1	googletagmanager.com www.googletagmanager.com	30 KB
130	25

	Domain	Requested by
17	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	www.marlowreview.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	static.olark.com	assets.mr-production.lcp-news.com srcdoc static.olark.com www.marlowreview.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	s3.amazonaws.com	www.marlowreview.com
9	weatherwidget.io	www.marlowreview.com weatherwidget.io
8	assets.mr-production.lcp-news.com	www.marlowreview.com assets.mr-production.lcp-news.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
7	static.doubleclick.net	googleads.g.doubleclick.net
4	www.facebook.com	connect.facebook.net www.marlowreview.com
4	connect.facebook.net	assets.mr-production.lcp-news.com connect.facebook.net
3	www.google.com	1 redirects www.marlowreview.com tpc.googlesyndication.com
3	ka-f.fontawesome.com	kit.fontawesome.com
3	www.google-analytics.com	assets.mr-production.lcp-news.com www.google-analytics.com www.marlowreview.com
3	www.marlowreview.com	www.marlowreview.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	cdn.jsdelivr.net	www.marlowreview.com
1	api-js.mixpanel.com	cdn.mxpnl.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.marlowreview.com
1	log.olark.com	www.marlowreview.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	api.olark.com	static.olark.com
1	forecast7.com	weatherwidget.io
1	knrpc.olark.com	static.olark.com
1	www.google.de	www.marlowreview.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.airbrake.io	assets.mr-production.lcp-news.com
1	cdn.mxpnl.com	www.marlowreview.com
1	www.googletagmanager.com	assets.mr-production.lcp-news.com
1	kit.fontawesome.com	www.marlowreview.com
130	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
forecast7.com
pinterest.com
plus.google.com
s3.amazonaws.com

Subject Issuer	Validity	Valid
marlowreview.com R3	`2021-10-27` - `2022-01-25`	3 months	crt.sh
assets.mr-production.lcp-news.com R3	`2021-11-07` - `2022-02-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
*.airbrake.io SSL.com RSA SSL subCA	`2021-11-18` - `2022-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-25` - `2021-12-24`	3 months	crt.sh
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-11-30`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.olark.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-20` - `2022-10-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh

This page contains 14 frames:

Primary Page: https://www.marlowreview.com/articles/7586/view
Frame ID: 9444A7E84B81FA1F1897BFD803400452
Requests: 63 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: A9057D791A2363EA0AE4114032B75C90
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&adk=1812271804&adf=3025194257&lmt=1639727146&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145903&bpp=3&bdt=1879&idt=228&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7586786460424&frm=20&pv=2&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250
Frame ID: 8737EB07974E69C58B0B1DB414ED7A7C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1791522500&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145995&bpp=2&bdt=1970&idt=164&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K7XOgXCJH9&p=https%3A//www.marlowreview.com&dtd=169
Frame ID: BE6B5EE861E6ECBBA46E2CCC1AA8454B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208
Frame ID: 76D373AD1C5C5CED00ED54D8363BAC06
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=90&slotname=7303796483&adk=2753969720&adf=2617875171&pi=t.ma~as.7303796483&w=728&lmt=1639727146&psa=0&format=728x90&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727146030&bpp=2&bdt=2006&idt=194&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XzfcEAOvaE&p=https%3A//www.marlowreview.com&dtd=199
Frame ID: 4363A093083488C8A67CC550EFC306DB
Requests: 18 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: BBC5A55F8B907034F1A2413C70A55BFA
Requests: 7 HTTP requests in this frame

Frame: https://weatherwidget.io/w/
Frame ID: E8A086A2EF5D660C6E9999726743EF66
Requests: 9 HTTP requests in this frame

Frame: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Frame ID: 591DF8722EA004903EB08088110B5227
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0896983F5D58B592857FA325C4CA9757
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 34130FC0888A17F4653075CFFBA2053B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: 1A7FA01C48CCB5A0B2D0716EB4277CC1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9709B9801E70F94571F047F0FCDB0509
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A40752FF1167817CD362263C9D753D8E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MPS to Seek Bond Approval from VotersRequired AsteriskRequired AsteriskRequired AsteriskOlark LogoOlark launch button clip path

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

angular[.-]([\d.]*\d)[^/]*\.js
\bangular.{0,32}\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

130
Requests

99 %
HTTPS

70 %
IPv6

25
Domains

34
Subdomains

31
IPs

5
Countries

4986 kB
Transfer

8129 kB
Size

19
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/347123378804813

Search URL Search Domain Scan URL

URL: https://twitter.com/MarlowReview

Search URL Search Domain Scan URL

URL: https://forecast7.com/en/34d65n97d96/marlow/?unit=us
Title: MARLOW WEATHER

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=970573179647167&href=https://www.marlowreview.com/articles/7586/view&name=MPS%20to%20Seek%20Bond%20Approval%20from%20Voters&title=MPS%20to%20Seek%20Bond%20Approval%20from%20Voters&description=Marlow%20residents%20will%20have%20the%20opportunity%20to%20vote%20on%20a%20bond%20issue%20series%20on%20February%208,%202022%20in%20the%20amount%20of%20$34,150,000%20that%20will%20fund%20multiple...&picture=http://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6249/band_room_article_show_carosel.jpg
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Marlow%20Review:%20MPS%20to%20Seek%20Bond%20Approval%20from%20Voters%20https://www.marlowreview.com/articles/7586/view
Title: twitter

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://www.marlowreview.com/articles/7586/view&description=Marlow%20Review:%20MPS%20to%20Seek%20Bond%20Approval%20from%20Voters...%20%0AMarlow%20residents%20will%20have%20the%20opportunity%20to%20vote%20on%20a%20bond%20issue%20series%20on%20February%208,%202022%20in%20the%20amount%20of%20$34,150,000%20that%20will%20fund%20multiple...&media=https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6249/band_room_original.jpg?1639673231
Title: pinterest

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://www.marlowreview.com/articles/7586/view&description=Marlow%20Review:%20MPS%20to%20Seek%20Bond%20Approval%20from%20Voters
Title: google+

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6249/band_room_original.jpg?1639673231
Title: One of the planned projects if the bond is approved by voters will be to build an Outlaw Performing Arts Center that will accommodate the growth of the band, drama/speech department, and vocal music at Marlow High School.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_qYXDggEQtAEYtAEyCE4wj0WkHqeo HTTP 301
https://tpc.googlesyndication.com/simgad/13933158321802523974

130 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request view Show response
www.marlowreview.com/articles/7586/ 50 KB
51 KB 1000ms
399ms Document
text/html 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

6d159f83217d1c79da56a201e156e9a981506528dceb99e5a46f68bcad416b81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Dec 2021 07:45:44 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
etag: W/"6d159f83217d1c79da56a201e156e9a9"
cache-control: max-age=0, private, must-revalidate
x-request-id: daf6e03e2b901f19f78739a204b73417
x-runtime: 0.282251
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css
assets.mr-production.lcp-news.com/assets/ 244 KB
245 KB 363ms
113ms Stylesheet
text/css 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mr-production.lcp-news.com/assets/common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
last-modified: Wed, 15 Dec 2021 21:03:57 GMT
etag: "61ba583d-3d0ff"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 250111

GET
H2 200 public-e1527d5c058fb1f0d0cd10c0f511bb84d6fd35f04ec1b052be563e9e182d2578.css
assets.mr-production.lcp-news.com/assets/ 78 KB
79 KB 693ms
443ms Stylesheet
text/css 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mr-production.lcp-news.com/assets/public-e1527d5c058fb1f0d0cd10c0f511bb84d6fd35f04ec1b052be563e9e182d2578.css

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

e1527d5c058fb1f0d0cd10c0f511bb84d6fd35f04ec1b052be563e9e182d2578

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
last-modified: Thu, 16 Dec 2021 21:06:59 GMT
etag: "61bbaa73-13977"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 80247

GET
H2 200 application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js Show response
assets.mr-production.lcp-news.com/assets/ 2 MB
2 MB 471ms
223ms Script
application/javascript 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
last-modified: Thu, 16 Dec 2021 21:26:46 GMT
etag: "61bbaf16-205e43"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 2121283

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 57ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2169676972978339

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fa819e4b760e2a038cdc7e159359dc6319e5ff05ebd95eb7aad169facd8ddeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.marlowreview.com/
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51854
x-xss-protection: 0
server: cafe
etag: 9210103171127223030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Dec 2021 07:45:45 GMT

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
4 KB 38ms
13ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4532331
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bee889ec9dc3128-FRA

GET
H2 200 facebook50.png
assets.mr-production.lcp-news.com/img/social/icons/ 2 KB
2 KB 238ms
237ms Image
image/png 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.mr-production.lcp-news.com/img/social/icons/facebook50.png

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

8be22579af56a9d1ca3673a990766d25320033692f89e0f0f6911132f4c6e0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
etag: "61254f04-710"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 1808

GET
H2 200 twitter50.png
assets.mr-production.lcp-news.com/img/social/icons/ 3 KB
3 KB 118ms
111ms Image
image/png 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.mr-production.lcp-news.com/img/social/icons/twitter50.png

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

1975493229bf11e8a8ee543d0f2c4f7d97b7db0da591cc7670d37ab52e5f978e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
etag: "61254f04-c5d"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 3165

GET
H2 200 loading-a0e025631497dd2b3eb11773457ae6cbde353e4efaed97389307b279bfdc85cb.gif
assets.mr-production.lcp-news.com/assets/ 50 KB
50 KB 114ms
113ms Image
image/gif 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.mr-production.lcp-news.com/assets/loading-a0e025631497dd2b3eb11773457ae6cbde353e4efaed97389307b279bfdc85cb.gif

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

a0e025631497dd2b3eb11773457ae6cbde353e4efaed97389307b279bfdc85cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
etag: "61254f04-c6de"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 50910

GET
H2 200 header-mr.jpg
www.marlowreview.com/img/ 91 KB
92 KB 114ms
114ms Image
image/jpeg 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marlowreview.com/img/header-mr.jpg

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

cf271ee116882b2f6cbeaf5db0e1d5c08be75c5e49970b52bfe927eaaa60ff3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/articles/7586/view
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
content-length: 93691
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg

GET
H/1.1 200
OK band_room_article_show_carosel.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6249/ 44 KB
44 KB 457ms
145ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6249/band_room_article_show_carosel.jpg?1639673231
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b84bbf1465a0890e6d0da6842d342d9e70365928fdd09db3190e33408dd8a1c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 16:47:26 GMT
Server: AmazonS3
x-amz-request-id: GD9ZEYQKCZTRRH5R
ETag: "38273907b87085ec0c83311ff3dba40b"
Content-Type: image/jpeg
x-amz-version-id: O49kVpGAFB2mpP7KOyIBZbU6PhkVUXDP
Accept-Ranges: bytes
Content-Length: 44893
x-amz-id-2: zKQwM/uWXlGXSXBQaBrWjdzHpQrs7tw58ff0jMvLkc2dSDd2R/6s37BAj+HP478D5KeVXTx94es=

GET
H/1.1 200
OK ekco_haleigh_elroy_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6251/ 3 KB
4 KB 453ms
142ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6251/ekco_haleigh_elroy_thumb.jpg?1639673546
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f677db2ad08f76cc01ba137d0a99fb7d3649c7313a1844f1b32f5e15cedca21f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 16:52:39 GMT
Server: AmazonS3
x-amz-request-id: GD9K5E1C95C5YYBX
ETag: "a282ab7077c7b446e5be0f0904a84820"
Content-Type: image/jpeg
x-amz-version-id: Bt2qeMRG5bg_ql7OhP5grFh_iTVbnATM
Accept-Ranges: bytes
Content-Length: 3451
x-amz-id-2: ifLohrWtLugvbRoqmQndTp0Wo4lGeWoqZBUl7/3vLFtN+ycu0HXs/hMWPJw2GtixmVKvI+hWDdM=

GET
H/1.1 200
OK talent_reynolds_school_board_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6165/ 4 KB
4 KB 443ms
132ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6165/talent_reynolds_school_board_thumb.jpg?1636644391
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0e1fc99d73fe683bd540dc4240c240f53e629792a2377065733233523104095e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 11 Nov 2021 15:26:41 GMT
Server: AmazonS3
x-amz-request-id: GD9WC94CEJDVYHK8
ETag: "1423d80b948eb92a70ba49f527c89415"
Content-Type: image/jpeg
x-amz-version-id: 76FEwtxgc6OfcK0oCTMEyqgugqldzUxT
Accept-Ranges: bytes
Content-Length: 4120
x-amz-id-2: Or1cEED18v2zAJ8aQDoxexnTPxdqjwjglsqSdjdlSmeU4xVrql0CRZAmdMVN7mSH81KOOtpS1CI=

GET
H/1.1 200
OK heisman_school_winners_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6158/ 4 KB
5 KB 429ms
118ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6158/heisman_school_winners_thumb.jpg?1636047884
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 907e3bdd2b843886f1a01b4bfcff888df8df4679c6f85492f7a0a9d7d9ed0e5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 04 Nov 2021 17:44:50 GMT
Server: AmazonS3
x-amz-request-id: GD9THE0VQRW1B9V9
ETag: "2b3b3dca7e286da8840a86fcc2a456cf"
Content-Type: image/jpeg
x-amz-version-id: vNrNV480KsIBU53_9oVmgNrsHZuU1Z0g
Accept-Ranges: bytes
Content-Length: 4445
x-amz-id-2: HU+5wsxFsZy+CgY5m2D5/LZtK4AYAmJXgbgMLmv7g/ihUPYVFLoR6ng8B2v38GL3djHwSCaXftk=

GET
H/1.1 200
OK we_love_teachers_winner_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6129/ 3 KB
4 KB 444ms
125ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6129/we_love_teachers_winner_thumb.jpg?1635436456
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5dc433b2308cf3b2e6e85b4ef39817ddf187e5f4c24863d6dff86de444151cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 28 Oct 2021 15:54:27 GMT
Server: AmazonS3
x-amz-request-id: GD9T7BBJA0GJQ16B
ETag: "fdfc02a6b78de001a7bab3e09c4f7de8"
Content-Type: image/jpeg
x-amz-version-id: d59SeDV6b.9CKOxOWglUfOrngSdr5LGh
Accept-Ranges: bytes
Content-Length: 3320
x-amz-id-2: t4h+WgglCLSGB0f/FyMPw52FjEVhKdAi7xVsX4fARqwI0GSzTBwO3XF6qQwHwaxEUFB6IxRMeLs=

GET
H/1.1 200
OK young_outlaws_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6258/ 4 KB
4 KB 555ms
125ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6258/young_outlaws_thumb.jpg?1639674806
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 02aacf652c252fb7eaa63f47615aff1809afcea71b4c0cf4da61fb6bb12a4963

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 17:13:34 GMT
Server: AmazonS3
x-amz-request-id: GD9W54ZHM74JQ39Z
ETag: "46fef7a46d72c1b417d73114ff4fcdcf"
Content-Type: image/jpeg
x-amz-version-id: QJBrHMoPDZQJINnrUUjCbGZqLv9D0WwC
Accept-Ranges: bytes
Content-Length: 3987
x-amz-id-2: 51vDESXyP0QBYX5Q6lb9ZuDyPgDBDXy7d8bUIcjOQzpnFTRCiuEBLWyIMCDBJuMPja92+ETMwgM=

GET
H/1.1 200
OK blue_crew_white_out_vs_purcell_11_12_21_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6257/ 4 KB
4 KB 146ms
146ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6257/blue_crew_white_out_vs_purcell_11_12_21_thumb.jpg?1639674676
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb0f3fc89610b397dcb1f6b84ac024253333330a5f666f7293e4ccbd2cdea0b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 17:11:26 GMT
Server: AmazonS3
x-amz-request-id: GD9T6KRZHNCJS9WJ
ETag: "eb59600419f4420e1bbecd68ec7dd022"
Content-Type: image/jpeg
x-amz-version-id: 7fEjpT7TqGF8uBtjLf8xSvjcumsfcHf1
Accept-Ranges: bytes
Content-Length: 3820
x-amz-id-2: ykddykYUfdUuyTCSb6eM1GSuNHzy+ky3hhDLapzpRAT6Rln8a+E4g8WLMyTIbSwdSsI1LhD03t8=

GET
H/1.1 200
OK cheer_vs_purcell_11_12_21_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6256/ 3 KB
3 KB 149ms
147ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6256/cheer_vs_purcell_11_12_21_thumb.jpg?1639674519
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f36099a5361d6f47960b58aae0105c599a3b9aafbc7efcb4b61d76137bd59d59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 17:08:50 GMT
Server: AmazonS3
x-amz-request-id: GD9K087DSH5SE899
ETag: "1f5a6bc486deac3fe283e73864c6f6fd"
Content-Type: image/jpeg
x-amz-version-id: GN0TCzXLhR6049sMBfSHOr_A04MqyNHI
Accept-Ranges: bytes
Content-Length: 3044
x-amz-id-2: bOxLVLDXnVlnYeBjx+yE+CNTLrOJy6kSAvv4zJ7C8d2cl/ZQ7J31VyxzRJfI2SKtWKSu2KOtRl8=

GET
H/1.1 200
OK bootleggers_9_3_21_thumb.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6255/ 3 KB
3 KB 132ms
131ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/pictures/6255/bootleggers_9_3_21_thumb.jpg?1639674402
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25919c984086c16a5f4c8b98435c28a00ba5affcc47b17605c95dff2bd472623

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 16 Dec 2021 17:06:53 GMT
Server: AmazonS3
x-amz-request-id: GD9JT77H7ZGC8H9T
ETag: "ffe588e38fc4957822150406f2770c60"
Content-Type: image/jpeg
x-amz-version-id: SB9iA9xSkLMZ7.gkUWK4mKt_Q9s6dVJ8
Accept-Ranges: bytes
Content-Length: 2982
x-amz-id-2: 1/3ehMo3+Jf1SOLWbaC6rQVwlPrKdU2YD4e+ZYFDV2c1M29uazK1k5mHHr8QrbkufwxfVyJ0pyM=

GET
H/1.1 200
OK ood45_original.jpg
s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/lads/12/ 11 KB
11 KB 195ms
118ms Image
image/jpeg 52.217.227.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/lewiscountypress-pictures-production/mr/production/lads/12/ood45_original.jpg?1618499690
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.227.40 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6b40f4807c714144725e7605c5b3c7edbc1a8a5dfa5e0d16c8dfa68934798989

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 17 Dec 2021 07:45:47 GMT
Last-Modified: Thu, 15 Apr 2021 15:14:54 GMT
Server: AmazonS3
x-amz-request-id: GD9G49EM6RRYX77F
ETag: "d854adceb3152f36bc7278608d18c609"
Content-Type: image/jpeg
x-amz-version-id: H1KKphCGlB5XQ8lGCF0sBHM8XAVfnt6j
Accept-Ranges: bytes
Content-Length: 11235
x-amz-id-2: 8+8dcB57gWP/vtO6DeyQZP7n+v4OHPqvSC9uQL7O4n9kxdt31RAgDyrPJJy+/pONssNb/n3rBKU=

GET
H2 200 jquery.fancybox.min.js Show response
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 67 KB
22 KB 21ms
17ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.js

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4532332
x-jsd-version: 3.5.7
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"10a9d-YYFBLnOWZpbQjh5bEkOlctDyK6Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6bee88a45a363128-FRA

GET
H2 200 7b9bae055e.js Show response
kit.fontawesome.com/ 11 KB
4 KB 63ms
37ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/7b9bae055e.js

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fc159897fe0ef244838d5e6562eb4cda3b4437b4a375da55ec9238f8cba06f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.marlowreview.com/
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:45 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6bee88a4ba2a4abd-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FrpPu2t7rk1FIQcBS_CC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2680
date: Fri, 17 Dec 2021 07:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 17 Dec 2021 09:01:06 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
30 KB 154ms
34ms Script
application/javascript 2a00:1450:400e:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5NQ5VVK

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:803::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

02ef47b604fa484bbd394360e607128d05e9262740cb6fe09c9a95148ad09450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29889
x-xss-protection: 0
last-modified: Fri, 17 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Dec 2021 07:45:46 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 75 KB
25 KB 124ms
7ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 18:55:13 GMT
content-encoding: gzip
age: 46233
x-guploader-uploadid: ADPycduEacB_Q8Wun_e0Mh10-hfmJPXmxtgreJ3rrqXu8l--W_PQYbBgteyRCCztk4pBGM-5KjRPuhVp1pX7TWXdhw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25483
last-modified: Tue, 16 Nov 2021 18:27:30 GMT
server: UploadServer
etag: "77c5050453dd79be695c9d3979443265"
vary: Accept-Encoding
x-goog-hash: crc32c=Jbujhw==, md5=d8UFBFPdeb5pXJ05eUQyZQ==
x-goog-generation: 1637087250642836
access-control-allow-origin: *
cache-control: public,max-age=86400
x-goog-stored-content-length: 25483
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 17 Dec 2021 18:55:13 GMT

GET
H2 200 glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2
assets.mr-production.lcp-news.com/assets/bootstrap/dist/fonts/ 18 KB
18 KB 338ms
113ms Font
font/woff2 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mr-production.lcp-news.com/assets/bootstrap/dist/fonts/glyphicons-halflings-regular-fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c.woff2

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://assets.mr-production.lcp-news.com/assets/common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
last-modified: Tue, 24 Aug 2021 19:56:53 GMT
etag: "61254f05-466c"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 18028

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
99 KB 47ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2169676972978339&plah=www.marlowreview.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2169676972978339

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 17 Dec 2021 07:45:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame A905 11 KB
5 KB 30ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2169676972978339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 16 Dec 2021 18:36:45 GMT
expires: Thu, 30 Dec 2021 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 47341
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widget.min.js Show response
weatherwidget.io/js/ 3 KB
2 KB 65ms
28ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/js/widget.min.js
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 08 Oct 2019 21:35:32 GMT
server: cloudflare
age: 2593
etag: W/"5d9d0124-a4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlGmyS1Iq%2B0EJ51YHY%2B%2BmZog%2FiIRhs28NtQPeWrND44pUxJI8gADyp3mtd5ueIVNf8zRos8d14T4Bn9ZJ7cerj6PJRIgLVsBoPIyTDEXavazqM2e%2BEZyowzMhkRROOUzO3Tbne65OzNN920tbb4n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88aa08901772-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 create-notice Show response
api.airbrake.io/api/v3/projects/118382/ 134 B
488 B 350ms
114ms XHR
text/plain 54.211.165.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.airbrake.io/api/v3/projects/118382/create-notice?key=6e83f2dce7efe1e5d6416099afa02e41
Requested by: Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.211.165.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-211-165-117.compute-1.amazonaws.com
Software: /
Resource Hash: ed4ae1ea80466aafceeed73371eed6dcd69c2a41ff0f26cd109f9dd2db7fae03

Request headers

Referer: https://www.marlowreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,PUT,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-ratelimit-remaining: 9999
x-ratelimit-delay: 14
x-ratelimit-limit: 10000
access-control-allow-headers: Accept,Origin,Content-Type,X-Requested-With
access-control-expose-headers: X-RateLimit-Delay

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1394226665&t=pageview&_s=1&dl=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&ul=en-us&de=UTF-8&dt=MPS%20to%20Seek%20Bond%20Approval%20from%20Voters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=322655504&gjid=59653255&cid=1850153578.1639727146&tid=UA-54741411-12&_gid=1233730243.1639727146&_r=1&_slc=1&z=1073952251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marlowreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.marlowreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: eqx9NN47A4hQ+yyEB7iB2xOVeqcVECa8hqqxlnHX5YZpy9VlqAKzCUcQcPbABy3tx+gEM84vpJXz8jqM9vzXiQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 17 Dec 2021 07:45:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

405aaad7324b2ed37b136a04e8146b360622f65defe0ed3f3e5c17f3cc1d6973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yzYzAFHOVqSvO2i+6tqqGA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: L95U5uk9ytMCsg+E580YYE2005WwSXRbWkWjrN3A+jHKfDhwi1Wj2/7JujKgwXp92Gsk8zweaoGyFeniDj+2NQ==
x-fb-trip-id: 917726464
x-fb-content-md5: dac71fb58a55c29f3feb26ad0a8eb93f
x-frame-options: DENY
date: Fri, 17 Dec 2021 07:45:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "12c67e48c68b925350761e16df1e1111"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 17 Dec 2021 07:54:26 GMT

GET
H2 200 loader.js Show response
static.olark.com/jsclient/ 9 KB
3 KB 28ms
6ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader.js
Requested by: Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/application-60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:23:06 GMT
server: ECS (frb/6772)
age: 1306
etag: W/"61ba409a-2227"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 3120
via: 1.1 google
expires: Fri, 17 Dec 2021 10:45:46 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 35ms
18ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=7b9bae055e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b9bae055e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
via: 1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3792321
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dl5BH0zBtgMgH7u2%2BpKMYMgjJmrB2n65wkqQIfAxSeB1h9UU7nDHJoF1vk9ZyxQbprkI24olYkHZNc7ot29yVMcC64x1eEA2ViVOmRurSXsyWbk6NQPgCmqvkDViJHHGN0biGA4xyd7PH2jmUrOGGAOy%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 6bee88aa6ca105fd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: QKoXkDsh6ZkjoFAYD5kJ330H9vBSKpg6D5Oi1HbKTtDXM3zcVbtoww==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 34ms
17ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=7b9bae055e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b9bae055e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3792321
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fd%2F%2FZTkVXYM0QBd2KCoFACwz9fBeL5roC1ogGRv0Ldt%2FTYJMdt9GfIEabdk%2BTbboOATOZzNjm%2BWgAqGg8p1j9DlCN%2FxgqeMbF6abI%2Br3lUI75nhzwK6otuLOFi1k9YpETAIGK9OvBjBAuGd%2FVkGa85yTcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 6bee88aa6ca205fd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PkWlDJakkMPdrasbvHChhstXdPe6S-l16OkDTxC5imVCrxVZ4E3DGQ==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 34ms
17ms Fetch
text/css 2606:4700:3037::ac43:a12f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=7b9bae055e
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b9bae055e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:a12f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
via: 1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3792321
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N1KiBvgvFicAWWDAd9bdEIFBZ4Rbus28gUJ8rMtfEgUtrnb%2FhHDYA8XpMMQ2Zkdr6bYL8718Q8FcBdTGwXx6LsLlCSWkDpYlMqNFnPH%2Fa%2B0UKeiqt%2BILkIjlVwzwhBEpH%2BJrZ6xpbgwMyeKdzk5lULMAxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C1
cf-ray: 6bee88aa6ca305fd-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: cstQqADD39Y8CTQ2XM_s0ZXmPtw7Do9jHMDCSrcFf2dEEkdE9TRT-A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 47ms
16ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54741411-12&cid=1850153578.1639727146&jid=322655504&gjid=59653255&_gid=1233730243.1639727146&_u=IEBAAEAAAAAAAC~&z=592667240

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.marlowreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Dec 2021 07:45:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.marlowreview.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1394226665&t=event&_s=2&dl=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&ul=en-us&de=UTF-8&dt=MPS%20to%20Seek%20Bond%20Approval%20from%20Voters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ad&ea=ad_impression&el=Classifieds%20-%20%2Flad%2F12%2Fview&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=1850153578.1639727146&tid=UA-54741411-12&_gid=1233730243.1639727146&z=1828164340

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Dec 2021 17:46:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50386
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
653 B 65ms
16ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.marlowreview.com&callback=_gfp_s_&client=ca-pub-2169676972978339

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2169676972978339&plah=www.marlowreview.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7d6abb5a78f1add07d5396b04e27ba9362f6327ac69a8e2e1cb234ae739bd3dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.marlowreview.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.marlowreview.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&tn=DIV&cls=lad-sticky-bottom&ign=false&pw=1600&ph=1200&x=800&y=1130.4

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8737 0
19 B 116ms
101ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&adk=1812271804&adf=3025194257&lmt=1639727146&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145903&bpp=3&bdt=1879&idt=228&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7586786460424&frm=20&pv=2&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Dec 2021 07:45:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 07:45:46 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE6B 75 KB
28 KB 675ms
671ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1791522500&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145995&bpp=2&bdt=1970&idt=164&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K7XOgXCJH9&p=https%3A//www.marlowreview.com&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b44e369dad76bf9410972ec3735b1ced62a5b2591e70f2bb1a77f86711ab7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Dec 2021 07:45:47 GMT
server: cafe
content-length: 28866
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 07:45:47 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 41ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54741411-12&cid=1850153578.1639727146&jid=322655504&_u=IEBAAEAAAAAAAC~&z=2043763889

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 40ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54741411-12&cid=1850153578.1639727146&jid=322655504&_u=IEBAAEAAAAAAAC~&z=2043763889

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 2100466596636473 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 146ms
137ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2100466596636473?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bcb54b161aa739c858da0addf9e28e192c1506b046fe2f9dc1a123a637363e4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: vQng5G0k5xxjJz/r8HkNVPhDHDV3wRFk8wsAFYN2xt0Q3ojHH8IlcwjuWc67vzywui48cJPuPaszNicZHI12ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 17 Dec 2021 07:45:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 76D3 153 KB
53 KB 1121ms
1121ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ba8feff91e46b480b5277b31cfb49a83733432e8fc5389c37205305f23b0f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Dec 2021 07:45:47 GMT
server: cafe
content-length: 54397
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 07:45:47 GMT
cache-control: private

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f5da912d6bad7c2c2d7b32723d8be61e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19b792a51a6250895c8cbf5006db66a7727bcf0133e4c45e7f1144a9b34ca4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.marlowreview.com/
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: VeXZbQf3O2+WIp6LmG+5ZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83417
x-fb-rlafr: 0
x-fb-debug: Rc2iNfcawmvN3bQ2LWvUi8sBJNnXAQxcUi+sYHj01rLmxcLZtzYt6QiOunM0ugUx8Tq1EBML5qfH4ivyXIKOrA==
x-fb-content-md5: 0ef0ca73857e87630033a59099b4375c
x-frame-options: DENY
date: Fri, 17 Dec 2021 07:45:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "0db64751e0283e8efc9f2c8fd5db15ba"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 17 Dec 2022 05:35:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4363 111 KB
31 KB 745ms
743ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=90&slotname=7303796483&adk=2753969720&adf=2617875171&pi=t.ma~as.7303796483&w=728&lmt=1639727146&psa=0&format=728x90&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727146030&bpp=2&bdt=2006&idt=194&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XzfcEAOvaE&p=https%3A//www.marlowreview.com&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba11ffa7547aa3048bbb8ad4fdc65880728cc7f228217ad3b100d82a17ef34b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 17 Dec 2021 07:45:47 GMT
server: cafe
content-length: 31294
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 07:45:47 GMT
cache-control: private

GET
H2 200 app.js Show response
static.olark.com/jsclient/ Frame BBC5 55 KB
18 KB 7ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/app.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/6762)
age: 1304
etag: "61ba408c-dae7"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 18597
via: 1.1 google
expires: Fri, 17 Dec 2021 10:45:46 GMT

GET
H3 200 / Show response
weatherwidget.io/w/ Frame E8A0 3 KB
2 KB 26ms
14ms Document
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/js/widget.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public; max-age=14400
last-modified: Fri, 17 Dec 2021 06:47:56 GMT
cf-cache-status: HIT
age: 2594
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1j77d3UB9T2r3SVAG86Jrbolg74nnprDSEJsTSv9skgS8VM70dWH4KJrPxGN5TJOjL8n5LRAzfCJ9kOUVHYqVfnW1V90mg7oaqEhYD%2BGrGyPyWXA72STbASmJEQ7eimTEK1A2TfQB754xvoZrHw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6bee88abdecd5b38-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 7318-186-10-7079.js Show response
static.olark.com/a/assets/v0/site/ Frame BBC5 12 KB
12 KB 6ms
6ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/a/assets/v0/site/7318-186-10-7079.js?cb=1639727146265
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: e59a4f0fa8e783f8b5ee57690b7efc912b8c8eb45bbae7f0db032307230dc316

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
via: 1.1 google
last-modified: Thu, 16 Dec 2021 22:11:13 GMT
server: ECS (frb/67A7)
age: 34473
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12243

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 114ms
97ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=970573179647167&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f5da912d6bad7c2c2d7b32723d8be61e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: MmZU9tkW4zFazidQByXuFgvXPGI6fcB6qv/Am98bYdLnhonNAO3md1PZB7WfrqX/IL/AROyrmhoxIsttGgdblw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Fri, 17 Dec 2021 07:45:46 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.marlowreview.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=970573179647167&ev=fb_page_view&dl=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&rl=&if=false&ts=1639727146301&sw=1600&sh=1200&at=

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 17 Dec 2021 07:45:46 GMT

GET
H3 200 if_w.css
weatherwidget.io/w/css/ Frame E8A0 17 KB
3 KB 16ms
15ms Stylesheet
text/css 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/css/if_w.css
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 05 Oct 2019 12:55:20 GMT
server: cloudflare
age: 2595
etag: W/"5d9892b8-42a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovSBSVTQfNsSlzD0V0yKglL0FAH5CpPqErsN1MH6XL2OczN0qPx0n%2FrbxARnnVeSwe3nOgzh0TCqnHUetYXCsMNux8Xdph5tMtMfA03PqilPPXqmUWW5mh1CrOZOa%2FOBmGAr4HxtaUl9PPscCPC%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ac3f9f5b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 angular-1.5.8.min.js Show response
weatherwidget.io/w/js/ Frame E8A0 160 KB
57 KB 19ms
19ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 20 Jun 2018 12:51:56 GMT
server: cloudflare
age: 2595
etag: W/"5b2a4dec-28026"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TOc204CR6%2FjQgJdq7Lh4dKDkWbt%2FEBN%2Bd0lhT7gLYKs9iQa9phDHGNTzMekPJYEB2Jjxp5hRVTiheGcwdUbSzrWHtkzqylf6qu1ORVrA6jQmHDLjyi3%2F4lwYObb6KrXosMtgKlStbyoCGvsP4N6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ac3fa65b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 iApp.min.js Show response
weatherwidget.io/w/js/ Frame E8A0 37 KB
8 KB 15ms
14ms Script
application/javascript 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/js/iApp.min.js
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://weatherwidget.io/w/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 26 Jan 2021 04:04:02 GMT
server: cloudflare
age: 2595
etag: W/"600f94b2-94da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYplJIdKa9bVkJxY%2FQUMHEzGyN8Rrd0fB6MOYx0CWt9cOtO0Bc%2FbhqDy%2FsNkPOMEuZoVyPCY8zCf5tKXvaOCNhGiguVDLXKYjp%2Fhe8rFPP2dzG0RtWlZGVS9Fvag67cAi%2FGkOBB4CGUkiKc8aNnL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ac3fa75b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 c Show response
knrpc.olark.com/nrpc/ Frame BBC5 927 B
1 KB 144ms
114ms XHR
text/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://knrpc.olark.com/nrpc/c?c=create&s=7318-186-10-7079&v=cYTl7RhJ6LA4BFDE977zI0PkanYjbAba&i=EQqgWlRzFwoSv1WR977zI0PZoA4abakj&g=ALL&q=precache08909753087316263&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&r=&ca=false&ru=false
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: TwistedWeb/21.2.0 /
Resource Hash: 5c88c87303a506c66b327209964b89ddc6dffb52413fdd984d3026741fd07605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:47 GMT
via: 1.1 google
last-modified: Fri, 17 Dec 2021 07:45:47 UTC
server: TwistedWeb/21.2.0
x-rpc: nrpc-http-6556d69b75-fgxcw
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
content-disposition: inline; filename="rpc.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 application2.js Show response
static.olark.com/jsclient-bucket5/ Frame BBC5 1 MB
309 KB 8ms
8ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668C) /
Resource Hash: a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:46 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:23:00 GMT
server: ECS (frb/668C)
age: 1298
etag: W/"61ba4094-11e9d5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 315904
via: 1.1 google
expires: Fri, 17 Dec 2021 10:45:46 GMT

GET
H3 200 open.svg Show response
weatherwidget.io/w/img/ui/ Frame E8A0 524 B
916 B 16ms
15ms XHR
image/svg+xml 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/ui/open.svg
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2018 03:49:23 GMT
server: cloudflare
age: 2595
etag: W/"5a6aa543-20c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yrDJLTGzjob8Wl35JQ2RLk9i5Bwj1MB29yCidVcbKtly97t3YMzCAAmLw7z9qi%2F0yosn%2FR0exgAGaWJry8XA9RIhdIFC0ZyV%2FFXAld91pm5CemrHByDoEJck6bSgn1n5VPy3CoK4CxiVJjdkOUy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88acc8705b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 / Show response
forecast7.com/en/34d65n97d96/marlow/ Frame E8A0 5 KB
2 KB 144ms
115ms XHR
application/json 2606:4700:3033::6815:2bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forecast7.com/en/34d65n97d96/marlow/?format=json

Requested by

Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2bd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6483dc3b8963d66c6b61bd03208696125dc94fd5eceb10f239a3429f66b848fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"125c-bbl5SmuSdberNJxhXs6Cfmit45A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKm75IrISHgigJJ433031m3RvXtERdni%2BE1t64PH8%2FEDpv%2B0hsAWWVWbIwIUenWVYiowr2OhSdxlNXB5lwgwYlJvcApkqOFbWTHZ7RgKQdwybxF7zpZKOC7dUQHyeZAGW0CwJKynm82LlrD7"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://weatherwidget.io
cache-control: public
cf-ray: 6bee88ad48f37033-FRA
x-proxy-cache: MISS
expires: Fri, 17 Dec 2021 08:15:11 GMT

GET
H2 200 storage.html Show response
static.olark.com/jsclient-bucket5/ Frame 591D 180 B
302 B 6ms
6ms Document
text/html 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: 17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 1308
cache-control: max-age=10800
content-type: text/html; charset=utf-8
date: Fri, 17 Dec 2021 07:45:47 GMT
etag: W/"61ba4095-b4"
expires: Fri, 17 Dec 2021 10:45:47 GMT
last-modified: Wed, 15 Dec 2021 19:23:01 GMT
server: ECS (frb/6772)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 156

GET
H2 200 storage.js Show response
static.olark.com/jsclient-bucket5/ Frame 591D 87 KB
28 KB 7ms
6ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket5/storage.js?v=1639596023950
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.olark.com/jsclient-bucket5/storage.html?v=1639596023950
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:48 GMT
server: ECS (frb/6712)
age: 1308
etag: W/"61ba4088-15d17"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 28656
via: 1.1 google
expires: Fri, 17 Dec 2021 10:45:47 GMT

GET
H2 200 visits Show response
api.olark.com/2.0/sites/7318-186-10-7079/ Frame BBC5 112 B
387 B 132ms
117ms Script
application/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.olark.com/2.0/sites/7318-186-10-7079/visits?_callback=_olark_callback_463f32d9_4beb_48d1_8598_fd7bccda2a94&_method=POST&_data=%7B%22conversation_id%22%3A%22EQqgWlRzFwoSv1WR977zI0PZoA4abakj%22%2C%22cache%22%3A%220.41359678914498454%22%7D
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: NotARealServer/1.33.7 /
Resource Hash: d931c696419604dcc6baeb5ddf714bb2144f5db5e655a7455cde43e3db6c7248

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
via: 1.1 google
server: NotARealServer/1.33.7
access-control-allow-headers: X-Access-Token, X-CSRF-Token, Content-Type, Authorization
access-control-max-age: 432000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/javascript
access-control-allow-origin: *
content-disposition: inline; filename="api.txt"
alt-svc: clear

GET
H2 206 olark-chimes.ogg
static.olark.com/jsclient/sounds/ Frame BBC5 11 KB
11 KB 6ms
6ms Media
audio/ogg 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/sounds/olark-chimes.ogg
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

Request headers

Referer: https://www.marlowreview.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/6731)
age: 1306
etag: "61ba408c-2a35"
x-cache: HIT
content-type: audio/ogg
access-control-allow-origin: *
cache-control: max-age=10800
Content-Range: bytes 0-10804/10805
accept-ranges: bytes
Content-Length: 10805
expires: Fri, 17 Dec 2021 10:45:47 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2100466596636473&ev=PageView&dl=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&rl=&if=false&ts=1639727146607&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1639727146605.996216364&it=1639727146191&coo=false&exp=p1&rqm=GET

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 17 Dec 2021 07:45:47 GMT

GET
H3 200 cloudy.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame E8A0 949 B
1 KB 14ms
13ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/cloudy.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 666b81a3d37a051f35c544d975cfcf22a988d3990166d9d91a68ac6f9d6b5edb

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 06:46:59 GMT
server: cloudflare
age: 2596
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41XRxQAU2K3nkDZCYeRMTGUDvqIfkkGezZksZ6YLylCEMI1rbSfPtrUsgTqxkxmHyR3utahBx758rYz8VMf7w%2F68a0EKsWtd5vX9JEuA5Yjf%2FnFmjyznHov%2BDLtS0y5biextiq3r0LATgJR1TwDr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ae3a5f5b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 rain.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame E8A0 2 KB
1 KB 14ms
14ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/rain.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b550bc1fe6527e0f74ec28d2ca79e8324b7a2f6ad5077e8888671b58216cd324

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 03:12:24 GMT
server: cloudflare
age: 2596
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gop342baLlGFSfdUvrpuD1llPJVlaH0qYBZ82JWlomMLnZpmVedGfDQHqjmyB7Opp%2B5S7ba8rt61hQdKnYwNvbThewNsxMDYfVIEdtMMxqKRVJ%2BW0SGCmjhD8GELQzK1JVKhcyI9i10UfFGFusFr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ae3a615b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 clear-day.html Show response
weatherwidget.io/w/img/icons/iconvault/ Frame E8A0 2 KB
1 KB 13ms
13ms XHR
text/html 2606:4700:3034::ac43:c16a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherwidget.io/w/img/icons/iconvault/clear-day.html
Requested by: Host: weatherwidget.io
URL: https://weatherwidget.io/w/js/angular-1.5.8.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:c16a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8123e77b1354f2532dbba8e1694a64c696d1fa3b2d3ee9577b5f155fa0b42b

Request headers

Accept: application/json, text/plain, */*
Referer: https://weatherwidget.io/w/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 04:14:19 GMT
server: cloudflare
age: 2596
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdnCZosSfIffJm7VtDkNzrfB2usEVOh2zqclZPhfuPT%2FFJ4tkN%2FiE4nJsYlokeUTfgAK5Tc2ooYk1PbsF%2FjatBsS17zmjeu1e73D7%2FJ6Yjk7Vy7k0ACTDSzf5dXyz0kkAzf548wZxIto2jtHWo2m"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: public; max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6bee88ae3a635b38-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 2491568295546401609
tpc.googlesyndication.com/simgad/ Frame BE6B 39 KB
39 KB 41ms
12ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2491568295546401609?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk6Xu5r7zjIddipFxYanO8GBhr75A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1791522500&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145995&bpp=2&bdt=1970&idt=164&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K7XOgXCJH9&p=https%3A//www.marlowreview.com&dtd=169

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74168ea4646ea10f2eef989e3171df56774015368511f78d8d394912f7cbd02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 04:26:21 GMT
x-content-type-options: nosniff
age: 357566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39788
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 18:57:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 13 Dec 2022 04:26:21 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BE6B 19 KB
8 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:43:49 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE6B 2 KB
1 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:42:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BE6B 119 KB
37 KB 47ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Dec 2021 07:45:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE6B 15 KB
6 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:43:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:43:05 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BE6B 27 KB
11 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:46:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11415
x-xss-protection: 0
server: cafe
etag: 3382072337847676073
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Dec 2021 15:46:58 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BE6B 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cu0STKkC8YcmHMdefboKLmMAN2KLKhGf2z67HhQ-_4R4QASC5-cZYYJXy_YGUB6ABm4jRnwPIAQKpAp0pDB5p_rI-qAMByAPJBKoEjQJP0Jbf7nK6ijp3WR69vbibQEPnoC18-bCYG3A0c8L_PIvs6-t46MtXE1a7V1-UwtyeIWQ-oZUH6Y26QziZGrLIxAcIBLn_StXefw3Fb3xtVCo6BM7LSJI-FLvG4P-pHZY_sXL0Ten4xWqbYR3cIPniBeFX2DnDrBVpKrzzW_9ZuGS_6ZOo5LaWlJhKIyDQpzRYluaEcGHYIKB2cUuiH6Bm-y26Fj9edIFft4jfdshhn2SJuLRYvFp1jfHzXWJPLlmIDn7n_bZiBnbRtEaZm3a4GD0WfbS4RU8qnlb1v3rfCWc4sH2RcunTomkVSVxIzR554OmK0st5CrcSk3_kP23aNmdXHOhH-lwaJSZAPsAE1avAvOMDkgUECAQYAZIFBAgFGASgBgKAB833rmCoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCdsmXSCAkIgOGAEBABGB-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMjE2OTY3Njk3Mjk3ODMzORgA&sigh=stubOn7DqiU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1791522500&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145995&bpp=2&bdt=1970&idt=164&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K7XOgXCJH9&p=https%3A//www.marlowreview.com&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 17 Dec 2021 07:45:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 17 Dec 2021 07:45:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0896 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1791522500&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145995&bpp=2&bdt=1970&idt=164&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=408&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=K7XOgXCJH9&p=https%3A//www.marlowreview.com&dtd=169

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 17 Dec 2021 07:04:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0896
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

95ms
94ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Dec 2021 07:45:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 17 Dec 2021 07:45:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 17 Dec 2021 07:45:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame BE6B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb8cc226bf4836921c09b8e0eb270ad4aaab751a5bc425a97d8ad32884134a25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4363 1 KB
880 B 25ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=90&slotname=7303796483&adk=2753969720&adf=2617875171&pi=t.ma~as.7303796483&w=728&lmt=1639727146&psa=0&format=728x90&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727146030&bpp=2&bdt=2006&idt=194&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XzfcEAOvaE&p=https%3A//www.marlowreview.com&dtd=199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:44:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:44:27 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 4363 19 KB
8 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:43:49 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4363 2 KB
1 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:42:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:42:43 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4363 119 KB
36 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 17 Dec 2021 07:45:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 4363 15 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 07:44:43 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 4363 27 KB
12 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 13:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65583
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 13:32:44 GMT

GET
H2 200 10617008731378152712_9055131806104687005.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 93 KB
93 KB 32ms
7ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/10617008731378152712_9055131806104687005.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d843a2c0db73f81457daa0d2f79961515825e511d506c7cd38233a3addb66d84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:38:21 GMT
x-content-type-options: nosniff
age: 490046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94782
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:22:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 15:38:21 GMT

GET
H2 200 587427816097677365_2519359347507806984.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 45 KB
45 KB 47ms
23ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/587427816097677365_2519359347507806984.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b70335e6538e3501981c6f555ac61cc5b64c66ca384b395fb7efc2a1caac2ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 15:02:10 GMT
x-content-type-options: nosniff
age: 492217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45591
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:23:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 15:02:10 GMT

GET
H2 200 15201370854172439163_5750174601971708704.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 30 KB
30 KB 50ms
27ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/15201370854172439163_5750174601971708704.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e0929dd99d059e54b7a6031901d60ed05ffb53fae886898e9110985f19a78f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 16:12:11 GMT
x-content-type-options: nosniff
age: 488016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30289
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:22:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:12:11 GMT

GET
H2 200 13892103332265510627_10463991169419463617.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 282 KB
282 KB 52ms
29ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/13892103332265510627_10463991169419463617.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48d3db0c240ac0d6ff6c481bc3322279318ff562a88624e14cdff0ede930bf08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 17:16:12 GMT
x-content-type-options: nosniff
age: 484175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288968
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:22:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 17:16:12 GMT

GET
H2 200 10109514134961644074_11437524667625227980.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 35 KB
35 KB 45ms
22ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/10109514134961644074_11437524667625227980.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd292b6b0752cccda492e3f76c5e749a05dc1245bf32baff383fd1b1f6614967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 16:56:31 GMT
x-content-type-options: nosniff
age: 485356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35796
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:23:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:56:31 GMT

GET
H2 200 11808002429406623777_15307955638580495089.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 91 KB
91 KB 49ms
26ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/11808002429406623777_15307955638580495089.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba9b0134aef10a36ad217ce7de929574ae10b5187ce243aec97ce18cf0a7e13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 22:08:55 GMT
x-content-type-options: nosniff
age: 466612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93198
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:22:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 22:08:55 GMT

GET
H2 200 15240210628018549258_7438361057361576951.jpeg
static.doubleclick.net/dynamic/5/348000177/ Frame 4363 54 KB
54 KB 35ms
13ms Image
image/jpeg 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/348000177/15240210628018549258_7438361057361576951.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c99055a3eaa5a81b613f164c61d3300c4036f5901c8c5266c9a99ab15ebd1a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 11 Dec 2021 16:56:31 GMT
x-content-type-options: nosniff
age: 485356
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54914
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 20:23:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Dec 2022 16:56:31 GMT

GET
H3

200

13933158321802523974
tpc.googlesyndication.com/simgad/ Frame 4363
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_qYXDggEQtAEYtAEyCE4wj0WkHqeo
https://tpc.googlesyndication.com/simgad/13933158321802523974

30 KB
30 KB

7ms
7ms

Image
image/png

2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13933158321802523974

Requested by

Protocol

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35974c1387c31768d8abfa505021b2641e7412db3bba958271ff487156764dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:17:34 GMT
x-content-type-options: nosniff
age: 160093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30924
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 18:13:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Dec 2022 11:17:34 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 15:09:05 GMT
x-content-type-options: nosniff
server: cafe
age: 59802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/13933158321802523974
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Jan 2022 15:09:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4363 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2lzfKkC8YanHNImrlgS_6brwCpyo_fNk3OiAroIJ2rmnt4MXEAEgufnGWGCV8v2BlAegAcqWuvcDyAEJqAMByAPLBKoEoQJP0FOtJCptisRw8Earq23yf4LLwnknwa21gRQW6uAuOkcYlnNT7XzFJdRUg5yb8jMt6QMIdn34I7k0wQgGsUViNzrqg61Z7nvmgG10rmRMoND5H-I3PrNk6GgTxAIdTCDA7mZfmmPaxTLlr7U_39ewhazOBplueoqKmEV-9x7fS1PZirfqXLRLgDJHarU3BiSOxmUB_jA-FHrFMDPzjWvdCxe7ZcmUK9s_UB-lBntBfmNi_krZMiXkDVfGV8v5X55ZWkvPxX9YhUP0vPlgm5EqlVuznrzFB43ORjN7uHjpiW8NAvoirN8SBcArh-frrJy5Hj48wSYKlt-xRNekDZJhx0ZXKaxHRa_RpS9VoyufVH_pHZayQq2xD_6uh7aSaRfUwATBurqCigKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHra3PjAGoB47OG6gHk9gbqAfulrECqAf-nrECqAemvhvYBwDyBwQQjOcL0ggJCIDhgBAQARgfgAoByAsB2BMNiBQE0BUBgBcBshccChoIABIUcHViLTIxNjk2NzY5NzI5NzgzMzkYAA&sigh=XGZXA2ogUkU&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=90&slotname=7303796483&adk=2753969720&adf=2617875171&pi=t.ma~as.7303796483&w=728&lmt=1639727146&psa=0&format=728x90&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727146030&bpp=2&bdt=2006&idt=194&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=436&ady=1104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XzfcEAOvaE&p=https%3A//www.marlowreview.com&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 17 Dec 2021 07:45:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4363 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01966469ead836ff5415815900d4b3f890a08456216e5a71eaebebe1288cdb75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2100466596636473&ev=Microdata&dl=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&rl=&if=false&ts=1639727147148&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MPS%20to%20Seek%20Bond%20Approval%20from%20Voters%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview.html%2F%22%2C%22og%3Atitle%22%3A%22MPS%20to%20Seek%20Bond%20Approval%20from%20Voters%22%2C%22og%3Aimage%3Aurl%22%3A%22http%3A%2F%2Fs3.amazonaws.com%2Flewiscountypress-pictures-production%2Fmr%2Fproduction%2Fpictures%2F6249%2Fband_room_article_show_carosel.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22591%22%2C%22og%3Aimage%3Aheight%22%3A%22400%22%2C%22og%3Adescription%22%3A%22Marlow%20residents%20will%20have%20the%20opportunity%20to%20vote%20on%20a%20bond%20issue%20series%20on%20February%208%2C%202022%20in%20the%20amount%20of%20%2434%2C150%2C000%20that%20will%20fund%20multiple...%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1639727146605.996216364&it=1639727146191&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 17 Dec 2021 07:45:47 GMT

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 3413 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A7F 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
H2 200 theme.css
static.olark.com/jsclient/styles/cryptic-capybara/ 165 KB
19 KB 7ms
6ms Stylesheet
text/css 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket5/application2.js?v=1639596023950
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:47 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/67C1)
age: 1318
etag: W/"61ba408c-294a5"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 19753
via: 1.1 google
expires: Fri, 17 Dec 2021 10:45:47 GMT

GET
H2 200 log.png
log.olark.com/jslog/ 2 B
75 B 116ms
115ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.olark.com/jslog/log.png?version=-bucket5&location=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab9158471921759519&conversation_id=EQqgWlRzFwoSv1WR977zI0PZoA4abakj&visitor_id=cYTl7RhJ6LA4BFDE977zI0PkanYjbAba&site_id=7318-186-10-7079&bucket=bucket5&level=count&timestamp=1639727147373&properties=%7B%7D&recent_logs=%5B%5D
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
via: 1.1 google
server: nginx
alt-svc: clear
content-length: 2
content-type: text/plain

GET
H2 200 favicon.ico
www.marlowreview.com/img/ Frame BBC5 1 KB
1 KB 114ms
114ms Image
image/vnd.microsoft.icon 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.marlowreview.com/img/favicon.ico

Requested by

Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

302b8d307a129c100e9931f807853e9f3327c66a856fe9dbeb49e210f0933946

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.marlowreview.com/articles/7586/view
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
content-length: 1150
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/vnd.microsoft.icon

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 76D3 189 KB
54 KB 209ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Dec 2022 13:14:10 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 76D3 13 KB
5 KB 215ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Dec 2022 13:14:10 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 76D3 89 KB
29 KB 154ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Dec 2022 13:14:10 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 76D3 71 KB
16 KB 166ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 153151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16759
x-xss-protection: 0
server: sffe
date: Wed, 15 Dec 2021 13:13:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6f5521ec42d8a94a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Dec 2022 13:13:17 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 76D3 5 KB
2 KB 165ms
18ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Dec 2022 13:14:10 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 76D3 40 KB
13 KB 166ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 325898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Mon, 13 Dec 2021 13:14:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 13 Dec 2022 13:14:10 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76D3 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41432
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 17 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76D3 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 7334
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 18 Dec 2021 05:43:34 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 76D3 0
17 B 50ms
49ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cbq72KkC8YZWPM5CI9fgPo7udwAnU6q-FZ9r9l5avDhQQASC5-cZYYJXy_YGUB6ABm4jRnwPIAQmpAp0pDB5p_rI-qAMByAMIqgSTAk_Q0i7UqlebOxKvEg9BlX9nb0HZhImzpHPnwZxYtBE7TRoRATiXLA3HYZHH1xhZqFyO5vyoOq71BAvznNVrqpLJJ6GnvWqO1z4sSfWZLPSv7F_zpVMPhQcr8-5BpqpT3XvA_gFWfP-5-pkxMux-I4DblzxfZQLxH7o-3T4L3p6PhlDhJKAyyLMO88LYRY80s-R5naa7eknOqhD6-Yn7unGqJQjBevemQdImXP8oqhA8YQlxBFD73C8a3SkMAnBT1s93tDaAI9RlWUC4KGFyWfDAnZk9jBZTzZuBbK7WXPlSHBYtMgFnC6_quySz0jUWpQXAQjdsuomAAhxqptHImhgtZnhkku2UM6oD_NPP2sKfQ1NtwAT76Med7wOSBQQIBBgBkgUECAUYBKAGLoAHzfeuYKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP6BVNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMTY5Njc2OTcyOTc4MzM5GAA&sigh=CYKY2moZizc&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2169676972978339&output=html&h=250&slotname=8520031036&adk=1675003158&adf=1402318359&pi=t.ma~as.8520031036&w=300&fwrn=4&fwrnh=100&lmt=1639727146&rafmt=3&psa=0&format=300x250&url=https%3A%2F%2Fwww.marlowreview.com%2Farticles%2F7586%2Fview&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639727145997&bpp=1&bdt=1973&idt=204&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=7586786460424&frm=20&pv=1&ga_vid=1850153578.1639727146&ga_sid=1639727146&ga_hid=1394226665&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=1019&ady=688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44753657%2C31063825%2C31060032&oid=2&pvsid=160355460950866&pem=581&tmod=864&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=3vxmmJ5f4a&p=https%3A//www.marlowreview.com&dtd=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 17 Dec 2021 07:45:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 noto-sans-v11-latin-700.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 25ms
7ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:22:52 GMT
server: ECS (frb/669E)
age: 1310
etag: "61ba408c-3f34"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16180
expires: Fri, 17 Dec 2021 10:45:48 GMT

GET
H2 200 noto-sans-v11-latin-regular.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 25ms
7ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 19:23:06 GMT
server: ECS (frb/675D)
age: 1316
etag: "61ba409a-3eb8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16056
expires: Fri, 17 Dec 2021 10:45:48 GMT

GET
H2 200 Roboto-Regular-b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f.ttf
assets.mr-production.lcp-news.com/assets/ 142 KB
143 KB 113ms
113ms Font
application/octet-stream 104.154.203.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.mr-production.lcp-news.com/assets/Roboto-Regular-b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f.ttf

Requested by

Host: assets.mr-production.lcp-news.com
URL: https://assets.mr-production.lcp-news.com/assets/common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.154.203.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

214.203.154.104.bc.googleusercontent.com

Software

Resource Hash

b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://assets.mr-production.lcp-news.com/assets/common-02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1.css
Origin: https://www.marlowreview.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
last-modified: Tue, 24 Aug 2021 19:56:52 GMT
etag: "61254f04-237c4"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 145348

GET
DATA 200
OK truncated
/ Frame 76D3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdbd7bbf08dfb48a1a30c6514abf39f05372654ce732923eefb74403d92866fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 76D3 28 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d296c24459fafe654905ce0c952d710aa3775785777606ee49e600c94deda461

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012111011823000/ 20 KB
7 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ae9b37e892f49eba3b1fd0236469467aabd48f0d685f4b31efded3991ee0a59

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 153152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7332
x-xss-protection: 0
server: sffe
date: Wed, 15 Dec 2021 13:13:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e7aaad083a0be630"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 15 Dec 2022 13:13:16 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76D3 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 41432
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 17 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 76D3 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 7334
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 18 Dec 2021 05:43:34 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.marlowreview.com
URL: https://www.marlowreview.com/articles/7586/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: YXKSRKQXSAVQSE4H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: O4JKwZC9VFoJXBRd/NFCO0gPTS39j/XLNaWXaKgHazkl5CgZvT66crlfLN37ZUtrHbYn5R9QuA4=
x-served-by: cache-fra19143-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1639727149.515580,VS0,VE0
date: Fri, 17 Dec 2021 07:45:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1488

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 41ms
26ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab90380a7e91421026147319e1d5b7362adb038b0fb94c70c8faf1cdf69ad466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Dec 2021 07:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0

GET
H/1.1 200
OK NRJS-d6b5f8617b1a1efbcc4 Show response
bam.nr-data.net/1/ 57 B
322 B 398ms
99ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-d6b5f8617b1a1efbcc4?a=563197195&v=1212.e95d35c&to=JVhaFhFaXwkBSh1ARgRbXQE8VEERDVteVUBJRFwNFA%3D%3D&rst=4905&ck=1&ref=https://www.marlowreview.com/articles/7586/view&ap=283&be=1030&fe=4876&dc=3011&perf=%7B%22timing%22:%7B%22of%22:1639727143020,%22n%22:0,%22f%22:1,%22dn%22:1,%22dne%22:376,%22c%22:376,%22s%22:376,%22ce%22:602,%22rq%22:602,%22rp%22:1001,%22rpe%22:1332,%22dl%22:1004,%22di%22:3012,%22ds%22:3012,%22de%22:3086,%22dc%22:4876,%22l%22:4876,%22le%22:4883%7D,%22navigation%22:%7B%7D%7D&fp=2775&fcp=2775&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/javascript;charset=iso-8859-1
Content-Length: 57
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 17 Dec 2021 07:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 17 Dec 2021 07:45:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BE6B 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssp2TGLf_6BEVJVm4FcUH52DQj5pf26tQhdU_VNMZuPKFzMK064x-ZJutkzpzB5yJaBfDM-7Xm_H9QH6jbADBvgPcNrwAslgnExiT61lSZMI8gJcVntnw&sai=AMfl-YQolqTY-7STfHWIkM0yPyqmVXxRMI89wTvcB8-Ls9Gw3YgrSs8oJQaMD6LgXyWFpZpNQJFcU8--IAzW&sig=Cg0ArKJSzHiDAGHCajluEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1675003158&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639727146166&rpt=784&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9709 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 17 Dec 2021 00:42:05 GMT
expires: Sat, 17 Dec 2022 00:42:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 25423
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A407 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9be9d8714017664226078fc5d2bb686e2925615c1f7e4a4573e502c56216099

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dgFIHQj6A75I5RCM+FirgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 17 Dec 2021 07:45:48 GMT
date: Fri, 17 Dec 2021 07:45:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-dgFIHQj6A75I5RCM+FirgA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 9709 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 16 Dec 2022 15:05:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A407 0
0 56ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=160355460950866&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=160355460950866&bg=!BgWlBUHNAAZKWFskSlg7ACkAdvg8WrKAnAtR4BitYbLp7HN1ST7G200SHaVpOFRPYFt3AJk531m_4AIAAABXUgAAAApoAQcKAIxR_ctf5YnvgfSslWdEtX7nxREOeDPNhlmZhpgZnqk9H63v35Jt3iat771jIrFmNABWMRB0QfWdB2H2lCqiL6JDbmtiixk8PKyaR08kviVXJlTTo7ymqrwYZ7GXSLx7NWYmH6D7am5wAY6AkvrB5O6pHtSSmhJayjXOn6w-zA-iogaC2dIPJ3Kvenb2M5kCrnPFecSdfvg3pjxGf7Ek227Q1qaga1whKPWN8ulWHdJy_EELQ4EBiMU6OORNHmP1gE2FqwjcjFSx9p_ZXO6ntcYFb87INf2eZlnbVhEvVC-XTZjzhaHZpDqe6AUFc-lsqAkXZdMcAk3Wpeo6hlwemQaI277RsFoMOdIooysaParn3uxwm8z-gW4vbDo6gR9YmC2r-L0mQ0vT_c2JQHdcid-JyI_TAu_M6xF72kkVKMPP-YxZ0qCZo6TZXBDFkUB9bj1-FX36Ztye6NRFovYj4ZNRA2CHBV7Ko0E2ZbBAmDxrJv6uNC2oJ-SiixCYBYn2aJCGRSNEVWAh6uAuupMCJ8bdFGOL1AUnqF8j9ik8vmJ82Px8_19K55tMd38a6BUxuimqe19tAXrq6ksgunAnhNvqK_AlixrBnmGRbCXf-g4e8WXNyustNfDqlqROn7-B-nqwzuFOlOARynOzvPxYDDHysoxp5Y3BEfbWFJDVig96i6HM0iRa9p0RC5Pzv4eTgXKuSoyuAfNp3cHK7yhzBMwMcUa16wJ55h_RRHRyoNiTbOAIDL6LhSSfJTpBSNNuW9UOMrgDcTvjbdRU8gtazScAOeE2pYiPJSu8SbJKd6lEersxHB3FLqtw14UoJR9WjvNyMRnagGx3F_4XOABBIzPKcW-NXiOcBk7NV7Ztjx3YwcTN0ac7YNqj9fkO0hoJarnUq_nN-wyhzv8nfKIo0cUjH-LseiWi3SEb1nzsT8WTWUJMzBfuGplhuzQG9FHeBbm_yV2b8GLMLao2PxEpR0jYloEhW_GQFFA7gOGd0xBbgvkK7EhK6jehqsV2Jc_W8bw9ro5R2jxJs-08qRxqJzqt10DoThn8NyO0jYKs9Kqv7RVEyt8Zm9-8FjpkGy9Mo9OawdmzPCWYfGzWDjIE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.marlowreview.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4363 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBM54lpZ6mKpV4B5HeVCI523MoqO-0zWbUxoVx5pa8b6FxVS5DIxNWBlTmRDkVSov8sxHZszRNxlrjaIToKzrodMSqOxXMgfRxZSzBKFX1uM1R-oWzcA&sai=AMfl-YS-K7VKJChUivNMPt5fSKKxvYcmdeeR3URe_dNKOMGS_dSyKht2lujgSpB8zkcH8XhkKWgOJCy-adVh&sig=Cg0ArKJSzEYzQNVUGCApEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2753969720&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639727146230&rpt=969&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 76D3 42 B
64 B 43ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEygvjQ4fb4StzIJMhylCBi38GGgXVH5bAAVxB0vd3H3oj-9uyruQY5LlAveqWevEljFbB3WvwDpPG4sWO4KtHrJuZmGPByfP-1NF5SbDOLtGhebfqlg&sai=AMfl-YTfs44guCmrdGNjkhlWYc1k_b9EX2KgW39UCX2V4XQ7iZqs6mru5oDXlTFNSiUlXtIL43iu8bPZKZlm&sig=Cg0ArKJSzGiMjxt6tHQcEAE&id=ampim&o=1019,691&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=105&tls=1105&g=100&h=100&tt=1105&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=1675003158

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Dec 2021 07:45:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
375 B 63ms
37ms XHR
application/json 130.211.34.183
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1639727151014

Requested by

Host: cdn.mxpnl.com
URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

130.211.34.183 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

183.34.211.130.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.marlowreview.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Fri, 17 Dec 2021 07:45:51 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.marlowreview.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 21
alt-svc: clear
content-length: 25

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.marlowreview.com/	1970-01-20 01:38:23	Name: _workbench_session Value: ZkRrRUl1SDlqWUtNL3ZlN3F4QVgvUjlTZWdoT0Ira052emwvclVoVzVuNUJWZ2wxRGtEaUdHUUV4WDEreFpDdW53OFh1bm04NDB3eVlpalFVOWR6VVRrRDhOS2lnTVdRTE1kNHJqQ0l0cGN5RXJ0NDU2emZ6dlJJOWZuaERIV2lKdkkzd1R1SFdVNDl0dlZNcEpLRUlnPT0tLW00NlRRTU1FdVY0UmpLcmpDOGlWd1E9PQ%3D%3D--ef449a00646646bf998d156de6a82effaf79623e
.marlowreview.com/	1970-01-20 16:59:59	Name: _ga Value: GA1.2.1850153578.1639727146
.marlowreview.com/	1970-01-19 23:30:13	Name: _gid Value: GA1.2.1233730243.1639727146
.marlowreview.com/	1970-01-19 23:28:47	Name: _gat Value: 1
.weatherwidget.io/	1970-01-19 23:28:48	Name: __cf_bm Value: KO3oi2q14l3C7WHFayEtmE_BXoVaVxyyoulCsF3WZv8-1639727146-0-AakDBf0e8j6njE703VSLsRoVjB0eX5eUWcfL8CvBzQOgyYL+0q24q1s9DNESEiZNcdFhMreDdBOeFIFKfp3+dZQ=
.marlowreview.com/	1970-01-20 08:14:23	Name: mp_e3454a75e951e7d2ecc74f8ebb832836_mixpanel Value: %7B%22distinct_id%22%3A%20%2217dc75aa422c0-03ee75d958ba3f-978153c-1d4c00-17dc75aa4237aa%22%2C%22%24device_id%22%3A%20%2217dc75aa422c0-03ee75d958ba3f-978153c-1d4c00-17dc75aa4237aa%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.marlowreview.com/	1970-01-20 08:50:23	Name: __gads Value: ID=afde432c2ac4df95-22b1157407cd00cd:T=1639727146:RT=1639727146:S=ALNI_MYKF3zB8syzsvrGOH72_P6eADRPXw
www.marlowreview.com/	1969-12-31 23:59:59	Name: wcsid Value: EQqgWlRzFwoSv1WR977zI0PZoA4abakj
www.marlowreview.com/	1970-01-20 16:59:59	Name: hblid Value: cYTl7RhJ6LA4BFDE977zI0PkanYjbAba
www.marlowreview.com/	1969-12-31 23:59:59	Name: _oklv Value: 1639727146324%2CEQqgWlRzFwoSv1WR977zI0PZoA4abakj
www.marlowreview.com/	1969-12-31 23:59:59	Name: _okdetect Value: %7B%22token%22%3A%2216397271464540%22%2C%22proto%22%3A%22about%3A%22%2C%22host%22%3A%22%22%7D
www.marlowreview.com/	1970-01-20 16:59:59	Name: olfsk Value: olfsk010779982490884299
www.marlowreview.com/	1969-12-31 23:59:59	Name: _okbk Value: cd4%3Dtrue%2Cvi5%3D0%2Cvi4%3D1639727146559%2Cvi3%3Dactive%2Cvi2%3Dfalse%2Cvi1%3Dfalse%2Ccd8%3Dchat%2Ccd6%3D0%2Ccd5%3Daway%2Ccd3%3Dfalse%2Ccd2%3D0%2Ccd1%3D0%2C
www.marlowreview.com/	1969-12-31 23:59:59	Name: _ok Value: 7318-186-10-7079
.marlowreview.com/	1970-01-20 01:38:23	Name: _fbp Value: fb.1.1639727146605.996216364
.doubleclick.net/	1970-01-20 08:50:23	Name: IDE Value: AHWqTUk8XgOmBxFd7BHdBIJaIo3mEjrMH0biDa7c5A0ulDpyCEcEoAKxLFVmWdrxpjo
.doubleclick.net/	1970-01-19 23:28:50	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 23:28:48	Name: test_cookie Value: CheckForPermission
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4fd08de2d6964e67

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-js.mixpanel.com
api.airbrake.io
api.olark.com
assets.mr-production.lcp-news.com
bam.nr-data.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.mxpnl.com
connect.facebook.net
forecast7.com
googleads.g.doubleclick.net
js-agent.newrelic.com
ka-f.fontawesome.com
kit.fontawesome.com
knrpc.olark.com
log.olark.com
pagead2.googlesyndication.com
partner.googleadservices.com
s3.amazonaws.com
static.doubleclick.net
static.olark.com
stats.g.doubleclick.net
tpc.googlesyndication.com
weatherwidget.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.marlowreview.com
104.154.203.214
130.211.34.183
142.250.185.66
151.101.2.137
162.247.242.21
2600:1901:0:bc29::
2606:4700:3033::6815:2bd
2606:4700:3034::ac43:c16a
2606:4700:3037::ac43:a12f
2606:4700::6810:5914
2606:4700::6812:1734
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:827::200e
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c09::9d
2a00:1450:400e:803::2008
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.96.127.16
52.217.227.40
54.211.165.117
93.184.220.42
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01966469ead836ff5415815900d4b3f890a08456216e5a71eaebebe1288cdb75
02aacf652c252fb7eaa63f47615aff1809afcea71b4c0cf4da61fb6bb12a4963
02db71b038f22420ca4c715a6a8e0349389b965fdd1a61416259a639c9ac07b1
02ef47b604fa484bbd394360e607128d05e9262740cb6fe09c9a95148ad09450
0e1fc99d73fe683bd540dc4240c240f53e629792a2377065733233523104095e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
17e9588688a15c515b224e4c7633242f64a364e515df9f365f9f923f7bd5c1c8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1975493229bf11e8a8ee543d0f2c4f7d97b7db0da591cc7670d37ab52e5f978e
19b792a51a6250895c8cbf5006db66a7727bcf0133e4c45e7f1144a9b34ca4bd
1ae9b37e892f49eba3b1fd0236469467aabd48f0d685f4b31efded3991ee0a59
252c73425a721718d649ac01db44e5d9834a4d4dd9316608cb4e3303b75eca77
25919c984086c16a5f4c8b98435c28a00ba5affcc47b17605c95dff2bd472623
2cc36b7e19b912c6d09739d2c3edbbb05a272be96736ae9fb0b0a70c2a331d48
2e2c51e1528f4f0f0a900c9c041a720a25f4a27ea6f60eb7e1ecaf16a5813cee
302b8d307a129c100e9931f807853e9f3327c66a856fe9dbeb49e210f0933946
35974c1387c31768d8abfa505021b2641e7412db3bba958271ff487156764dd1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
405aaad7324b2ed37b136a04e8146b360622f65defe0ed3f3e5c17f3cc1d6973
47e0929dd99d059e54b7a6031901d60ed05ffb53fae886898e9110985f19a78f
48d3db0c240ac0d6ff6c481bc3322279318ff562a88624e14cdff0ede930bf08
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4ba8feff91e46b480b5277b31cfb49a83733432e8fc5389c37205305f23b0f27
4bcb54b161aa739c858da0addf9e28e192c1506b046fe2f9dc1a123a637363e4
4fa819e4b760e2a038cdc7e159359dc6319e5ff05ebd95eb7aad169facd8ddeb
506e190d894a15318bb3f0c60d700a21432f0e57275b9c3d8c44ef45f31b6674
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5c590b7f35f60c3d58265b235066ecc42d07f6a6c2edad989e788faa0d444fa6
5c88c87303a506c66b327209964b89ddc6dffb52413fdd984d3026741fd07605
5dc433b2308cf3b2e6e85b4ef39817ddf187e5f4c24863d6dff86de444151cd7
5fc159897fe0ef244838d5e6562eb4cda3b4437b4a375da55ec9238f8cba06f4
60b682c125b8e5d21bec934cfcdb75f87ef62dc218a424cf1021af62ea1b0e30
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6483dc3b8963d66c6b61bd03208696125dc94fd5eceb10f239a3429f66b848fc
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
666b81a3d37a051f35c544d975cfcf22a988d3990166d9d91a68ac6f9d6b5edb
6b40f4807c714144725e7605c5b3c7edbc1a8a5dfa5e0d16c8dfa68934798989
6b44e369dad76bf9410972ec3735b1ced62a5b2591e70f2bb1a77f86711ab7c8
6d159f83217d1c79da56a201e156e9a981506528dceb99e5a46f68bcad416b81
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7d6abb5a78f1add07d5396b04e27ba9362f6327ac69a8e2e1cb234ae739bd3dc
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8be22579af56a9d1ca3673a990766d25320033692f89e0f0f6911132f4c6e0f1
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
907e3bdd2b843886f1a01b4bfcff888df8df4679c6f85492f7a0a9d7d9ed0e5e
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9ba9b0134aef10a36ad217ce7de929574ae10b5187ce243aec97ce18cf0a7e13
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a0e025631497dd2b3eb11773457ae6cbde353e4efaed97389307b279bfdc85cb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a62aba3546baccac5aba72413337f0216c67f8354349e8306dd208d4fcf4cb4f
a9cf578656c6c3d88130bc3b64768066d27712b0f54a5a0d834c4fc1902e69ba
ab90380a7e91421026147319e1d5b7362adb038b0fb94c70c8faf1cdf69ad466
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd2d099307fc78c161dc1574920c7268ad8c0e8b6a896f58dae6b61d48c5a9d
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2efabca5ea4bc56eea829713706b5cd0788b82aca153bd4adde9b1573933b4f
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b550bc1fe6527e0f74ec28d2ca79e8324b7a2f6ad5077e8888671b58216cd324
b70335e6538e3501981c6f555ac61cc5b64c66ca384b395fb7efc2a1caac2ac6
b84bbf1465a0890e6d0da6842d342d9e70365928fdd09db3190e33408dd8a1c4
ba11ffa7547aa3048bbb8ad4fdc65880728cc7f228217ad3b100d82a17ef34b3
bd292b6b0752cccda492e3f76c5e749a05dc1245bf32baff383fd1b1f6614967
c99055a3eaa5a81b613f164c61d3300c4036f5901c8c5266c9a99ab15ebd1a29
caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cdbd7bbf08dfb48a1a30c6514abf39f05372654ce732923eefb74403d92866fe
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cf271ee116882b2f6cbeaf5db0e1d5c08be75c5e49970b52bfe927eaaa60ff3e
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d296c24459fafe654905ce0c952d710aa3775785777606ee49e600c94deda461
d843a2c0db73f81457daa0d2f79961515825e511d506c7cd38233a3addb66d84
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d931c696419604dcc6baeb5ddf714bb2144f5db5e655a7455cde43e3db6c7248
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
e1527d5c058fb1f0d0cd10c0f511bb84d6fd35f04ec1b052be563e9e182d2578
e37bad01d25cbecb3e6f6d477725ce6ea43637a94510cd27baf1068e319826ad
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4567fb3addbecbfd8df58bc4df722d9fdd1d7b20e5b5bdfe9bc072abbb8d37e
e59a4f0fa8e783f8b5ee57690b7efc912b8c8eb45bbae7f0db032307230dc316
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
e9be9d8714017664226078fc5d2bb686e2925615c1f7e4a4573e502c56216099
ea8123e77b1354f2532dbba8e1694a64c696d1fa3b2d3ee9577b5f155fa0b42b
eb8cc226bf4836921c09b8e0eb270ad4aaab751a5bc425a97d8ad32884134a25
ed4ae1ea80466aafceeed73371eed6dcd69c2a41ff0f26cd109f9dd2db7fae03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36099a5361d6f47960b58aae0105c599a3b9aafbc7efcb4b61d76137bd59d59
f677db2ad08f76cc01ba137d0a99fb7d3649c7313a1844f1b32f5e15cedca21f
f74168ea4646ea10f2eef989e3171df56774015368511f78d8d394912f7cbd02
fb0f3fc89610b397dcb1f6b84ac024253333330a5f666f7293e4ccbd2cdea0b4
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ffb3bbe91d293ec0b30bf7834648ccaded81fd6a27fa6dbb3f06941b28a6d12a
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.marlowreview.com Open in urlscan Pro 104.154.203.214 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

70 %IPv6

25 Domains

34 Subdomains

31 IPs

5 Countries

4986 kBTransfer

8129 kBSize

19 Cookies

8 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.marlowreview.com Open in urlscan Pro
104.154.203.214 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

70 %
IPv6

25
Domains

34
Subdomains

31
IPs

5
Countries

4986 kB
Transfer

8129 kB
Size

19
Cookies

130 HTTP transactions
4 data transactions