ddo2v5hc6dq50.cloudfront.net Open in urlscan Pro
2600:9000:21a2:6000:12:7462:e500:93a1  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ddo2v5hc6dq50.cloudfront.net/	39 KB 8 KB	435ms 210ms	Document text/html	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4f4027b7de07fe440521f8e46cd265b0d1a4860076b7f18957fd6ded3bd0fd62 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding gzip content-type text/html date Wed, 24 Jan 2024 20:12:22 GMT etag W/"575db5d1dc96b053ef7d9b66f470f2df" last-modified Tue, 19 Dec 2023 07:48:31 GMT server AmazonS3 vary Accept-Encoding via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) x-amz-cf-id cXg9_lPC5cfUICz5oo_pYQKR2MDYKBuYwKUdGUuI4i1KaebAgqQNcg== x-amz-cf-pop YUL62-C1 x-amz-meta-server-side-encryption AES256 x-amz-meta-version-id wP.Sa9QyfLPxv8X6uEe.UnMRa.IdtG1T x-amz-server-side-encryption AES256 x-amz-version-id IRS2sYFIZ7HbeF4lxW9EAzHaCEJqa5S9 x-cache Miss from cloudfront
GET H2	200	js Show response www.googletagmanager.com/gtag/	271 KB 91 KB	262ms 109ms	Script application/javascript	2607:f8b0:4006:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3SE1GTWTD1 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash c21af689c20dc668dc05c63edd9096ac00554b25d9637fe26667b604430f9b03 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 92282 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 24 Jan 2024 20:12:21 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	146 KB 50 KB	256ms 103ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4703037885015919 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d5c508b7f96185df07749022329daaf3c61c8a137e664a6fcaef60fea15836fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/ Origin https://ddo2v5hc6dq50.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51048 x-xss-protection 0 server cafe etag 10637703469222910080 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Wed, 24 Jan 2024 20:12:21 GMT
GET H2	200	healingoal-search-homepage-style.min.css ddo2v5hc6dq50.cloudfront.net/css/	14 KB 4 KB	215ms 213ms	Stylesheet text/css	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a28c88787c111adca745be6520cb4653b37a5658d77493c7ca5006f06298160a Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-meta-server-side-encryption AES256 content-encoding gzip x-amz-version-id DgOIcOPBz1ORJQHKb9KYXmOflQLpTerT last-modified Mon, 18 Dec 2023 15:17:02 GMT server AmazonS3 via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-C1 etag W/"4e480dc83bfd2b01d2e8ec0891996656" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/css x-amz-meta-version-id JH2nfADRSvQ7v6etnwb637CMqIDoxjIA x-amz-cf-id a1FkZz7rxQ1rTEaqFHz3WPr360vIB4ZH2s8SlSHiZU0c_VZeEhY7Zw==
GET H2	200	automobile.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	41 KB 42 KB	408ms 405ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/automobile.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41b9e35f71efeb3e276d3858522e8bf896c202f732a058cca456cda7ba1ab2eb Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id P43J_X5gI5B.4KebBIriJFQXLeKZGfQS via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:19 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "a95f1806dd5f1321fcb3dfe334156eee" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 42288 x-amz-cf-id 5x8wE0ADnfgIwbfnokigaxDHSHuOiLCkTqD40xyEy6c7Pm2ghQk7Wg==
GET H2	200	education.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	36 KB 37 KB	415ms 412ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/education.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3e49200e99ca194dc790a32e6f8ce56c1c7ddd2f65537726fd082087e758ac29 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id 51PAoiTL2.Eyc.sOkBOnFz_XoZani4sm via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:20 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "8569d594ab68cefd0462aee7d7edf13d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 37347 x-amz-cf-id 4tGNN4_Gdl07XZDcxhNU_m2Qsw4aQ6TUZB42AE7eUUoMjXIXLXXtKw==
GET H2	200	finance.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	24 KB 25 KB	264ms 262ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/finance.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1d92ca08a0a78dcaa220c63cba07daa4b6a932753c381e4677fcb51f89ecd9b4 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id MhF_hyYKVEPHt9IVPWx2Y6DXIbnU.rtG via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:20 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "2b830b890143281fd60c5d5eb007c96d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 24882 x-amz-cf-id 22TxSHQCk7fvOjmUZJu1tWA3cstPIi1a5kBAI108Vv4EiFU0s92wag==
GET H2	200	health.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	28 KB 28 KB	337ms 335ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/health.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 008ba3abd261f71c2572b3574c9871ce6cddf44f13af15f94534c22a8640afeb Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id .69fhAqJ3nKBEHJl8TXpKS0pdjUttMbm via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:19 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "b2d6d9eb39913905575ff618f7529e9c" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 28527 x-amz-cf-id Z5qCCzmbeN9z7SOnWZ6fmy9H5jnmMxTANUh8O3mAcRWtSJoj9ylbZQ==
GET H2	200	home.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	69 KB 70 KB	206ms 204ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/home.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92c704cb3942fd5fbf8467aa33fe82b12e15156c44da48bbb24715df3b92a6f5 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id ajDTBw.4O7p_f2I6TtbJ8Ud3FUmAkbAv via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:19 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "b3dfa1b0ff05a502db3b4de7501af590" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 71085 x-amz-cf-id gnruFRjvO25vKq06aackFV7h14BKT4ge00AEqOEQvt8aVQmrMUOocg==
GET H2	200	lifestyle.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	42 KB 42 KB	187ms 185ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/lifestyle.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 83c6416c49386efecdfc59eed7dedba26fb7854421fbf5ef7bcdfa817a394a82 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id iBtSrpvZEGvqr73hU92fmIgK7nX.dAQg via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:19 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "11887f6461f5ac6ad20493f03745a485" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 42744 x-amz-cf-id vHCBF7i567gKBm4Qfp411GlCAnMQLd6fQv9L2sEon76kv1wIdYUK6g==
GET H2	200	tech.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	39 KB 39 KB	396ms 394ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/tech.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d9e69f613935b842c3a70c9e0edbc3758ff598269028f81d0537afed137f2d93 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id 4vChjJdlRiCn4jqBfOP.d4oYSSX2UmCj via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:20 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "b7b525eb9ca659d90ad5fb6d4573e2c9" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 39807 x-amz-cf-id P03_TtCvXRlhJRG-c_PJ_KE2MZU7KyzkC8ZpUcoMAsnKSKCos1S93g==
GET H2	200	travel.jpg ddo2v5hc6dq50.cloudfront.net/template_images/	25 KB 26 KB	303ms 302ms	Image image/jpeg	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ddo2v5hc6dq50.cloudfront.net/template_images/travel.jpg Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 992361793a708b77507317247b27d82f46a07f5f35ad8c946a73c4d0bd9167ab Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT x-amz-version-id tfZYH5AJ8.T4MaBmsazKjBWUaoRzYKfF via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:09:19 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "c2459d25ac5747ebbc55e745ff037f1d" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 25874 x-amz-cf-id 6wxmF0hOpeQ1J3pj5CkEBPafud2JHLoFM0ULOHNwam6UVk41Idjs5Q==
GET H2	200	searchLocal.json Show response data.reignn.com/search/	2 B 423 B	1484ms 1220ms	Fetch text/html	2600:9000:215f:b800:a:7757:5280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data.reignn.com/search/searchLocal.json?domain=www.ddo2v5hc6dq50.cloudfront.net&engine=google&count=20 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:215f:b800:a:7757:5280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT via 1.1 9a6f07a84b60a85466bb31603767843c.cloudfront.net (CloudFront) referrer-policy same-origin server CloudFront cross-origin-opener-policy same-origin x-amz-cf-pop YUL62-C2 cross-origin-embedder-policy require-corp x-cache Miss from cloudfront content-type text/html access-control-allow-origin * access-control-expose-headers * cache-control max-age=604800 cross-origin-resource-policy cross-origin content-length 2 x-amz-cf-id DWkcQjcc6rVwpb4Fm14igemwEO3zx-L6IhvCMMjEfKfEvKcYKxghmg==
GET H2	200	poppins-600.woff2 ddo2v5hc6dq50.cloudfront.net/fonts/poppins/	8 KB 8 KB	252ms 251ms	Font font/woff2	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddo2v5hc6dq50.cloudfront.net/fonts/poppins/poppins-600.woff2 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Origin https://ddo2v5hc6dq50.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT x-amz-version-id n2fx_prfLbfGHKL7fLlMr47hq79Kfr2H via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:07:26 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "72993dddf88a63e8f226656f7de88e57" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type font/woff2 accept-ranges bytes content-length 8000 x-amz-cf-id UWzBoas-4ht1ahSxCE8icvQW3Vg0RqeFEfOnHvIZcgYciKy-FxHqng==
GET H2	200	poppins-700.woff2 ddo2v5hc6dq50.cloudfront.net/fonts/poppins/	8 KB 8 KB	252ms 252ms	Font font/woff2	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddo2v5hc6dq50.cloudfront.net/fonts/poppins/poppins-700.woff2 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Origin https://ddo2v5hc6dq50.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT x-amz-version-id L_o8i6llgjESQB0xJl5Xxpu05aRx6Mjd via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:07:26 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "25b0e113ca7cce3770d542736db26368" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type font/woff2 accept-ranges bytes content-length 7816 x-amz-cf-id RCHiGSfxxpmHo4ZHoeaFH2UDQLHe82LIjA1iFLRujCHa9vnYFXuE9g==
GET H2	200	poppins-500.woff2 ddo2v5hc6dq50.cloudfront.net/fonts/poppins/	8 KB 8 KB	253ms 253ms	Font font/woff2	2600:9000:21a2:6000:12:7462:e500:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ddo2v5hc6dq50.cloudfront.net/fonts/poppins/poppins-500.woff2 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:6000:12:7462:e500:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/css/healingoal-search-homepage-style.min.css Origin https://ddo2v5hc6dq50.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT x-amz-version-id XKh8Gsrp0X8EIzbZ5UmjLh4Ip.Rx9PWv via 1.1 523a43752798afeed1084674b07d844c.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 15:07:26 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 etag "a09f2fccfee35b7247b08a1a266f0328" x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-type font/woff2 accept-ranges bytes content-length 7748 x-amz-cf-id 6pFoohiOhOn4nTGOC10EGBRmjHRAoP-nAye9FN1PyJVaJ7KgU5DD0Q==
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/	403 KB 137 KB	295ms 160ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4703037885015919 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0e63328db22e6cf586bb0b2901c65476fb5cb99d01bf25a0d1845c4b0702ef78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 139763 x-xss-protection 0 server cafe etag 13297891103306138336 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Wed, 24 Jan 2024 20:12:22 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame D42A	9 KB 5 KB	209ms 65ms	Document text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4703037885015919 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 321 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 24 Jan 2024 20:07:01 GMT etag 3890843268177463596 expires Wed, 07 Feb 2024 20:07:01 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect www.google-analytics.com/g/	0 254 B	218ms 80ms	Ping text/plain	2607:f8b0:4006:817::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-3SE1GTWTD1&gtm=45je41m0v9105537810&_p=1706127141786&gcd=11l1l1l1l1&dma=0&tag_exp=71847096&cid=961967915.1706127142&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706127142&sct=1&seg=0&dl=https%3A%2F%2Fddo2v5hc6dq50.cloudfront.net%2F&dt=Healing%20Goal&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=904 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3SE1GTWTD1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Wed, 24 Jan 2024 20:12:22 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ddo2v5hc6dq50.cloudfront.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	403	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7067	603 B 218 B	166ms 165ms	Document text/html	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4703037885015919&output=html&adk=1812271804&adf=3025194257&lmt=1702972111&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fddo2v5hc6dq50.cloudfront.net%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706127142144&bpp=5&bdt=384&idt=446&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5540695968740&frm=20&pv=2&ga_vid=961967915.1706127142&ga_sid=1706127143&ga_hid=1654251685&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080590%2C44795922%2C95320377%2C95321627%2C95322162&oid=2&pvsid=1915945741710026&tmod=852525366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Wed, 24 Jan 2024 20:12:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	134ms 133ms	Image image/gif	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=healingoal__search--header&ign=false&pw=1600&ph=1200&x=0&y=0 Requested by Host: ddo2v5hc6dq50.cloudfront.net URL: https://ddo2v5hc6dq50.cloudfront.net/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers pragma no-cache date Wed, 24 Jan 2024 20:12:22 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	98ms 97ms	XHR application/json	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a8a3c904c1cf0ce223d066ed6957d7c7fbd2710ed88b6cd821506bf977285c15 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:22 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12048 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	251ms 92ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 24 Jan 2024 20:12:23 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C8F	13 KB 5 KB	66ms 64ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 248 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 24 Jan 2024 20:08:15 GMT expires Thu, 23 Jan 2025 20:08:15 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 3946	829 B 1 KB	223ms 86ms	Document text/html	2607:f8b0:4006:816::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:816::2004 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 65afd790d46139ad3d521293f3a79102bc54357e7367be396496be0709384507 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-d7HtcE1mxP-3Lvd97SOXsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ddo2v5hc6dq50.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-d7HtcE1mxP-3Lvd97SOXsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 24 Jan 2024 20:12:23 GMT expires Wed, 24 Jan 2024 20:12:23 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response pagead2.googlesyndication.com/bg/ Frame 3C8F	39 KB 15 KB	65ms 64ms	Script text/javascript	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Tue, 23 Jan 2024 20:07:57 GMT content-encoding br x-content-type-options nosniff age 86666 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15219 x-xss-protection 0 last-modified Mon, 15 Jan 2024 09:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 22 Jan 2025 20:07:57 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3C8F	0 10 B	65ms 64ms	Image text/plain	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?Yf9a2A Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers date Wed, 24 Jan 2024 20:12:23 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 3946	0 0	134ms 133ms	Image text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=1915945741710026&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	130ms 130ms	Image text/html	2607:f8b0:4006:80d::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=1915945741710026&bg=!sLOls_zNAAa8BdJLnAU7ADQBe5WfONREX8u3s5eIMZSn99jq2g8HicRsgL2uRajZW-B7L_5upLZqToBNeVnsX5NVWcPVAgAAAGNSAAAAAmgBB5kCvHNNGr5idNbsYwOrf01JLZtWIhkVHdd_GR3OvPO5aYRREKB_3YdghakAgrutcBI6OJZrhRxUm1TjKyBO8XfOrGtqMufxzOvB3comnN3qrNod4oqvylG3lz-hTD1TUDX_IgGYq6l9ivKiXv6rGGfNcPTIx5E3NS9MzJ65qfFLKQDQueCvZj29vObZMH0nKws_6FIR71qGwufo2ndkAvPpxbDRXPuiui5estc4A_tC0NBxOI9Nxa7oVAH_L3rYCYKkXdUDr6KvuuCBbgJPthWYfMeg8M7gOt5g0KFVk31rUrlgJiqMcjNtk6lWQGyOcSlNMYnhg3X9PWdnZaGO7vo3TPoVz9y8EdLomqddjAjX5sA5F6yj_TKQgSG0QYteLAjbRvSTWj4T3Dh_pAe1mxWiZ_GeF76773ETJBQauNwax51IeN-NRkmwoEmHTiUypeP_3CV55ib8faduoRUhmpyAffNRhRUaFsGORewRyWp62ctX0SnMjCIpVXjFCwlMycN-PClyTpEpmTREwA7KYuuHJncEWHrAR0VK09iDEhDzI0HXjtn3LLtsubmpDMPW3YK-ekZMU1pXnFvkg4a7nK58p0SmRkL_BFzOZBETXEUbtAW0U5rqhcCCfrjOQffRgUitQ_WjSofNXlWCN1AFLEEhV4q0Sqkif9-OMBrBA8Tq6PniaXkW_p31ARkwgeF03xLk7NNn9WahGK92z30G40lYWT1rpIplDjDPXUhVP2xYtYQn1DK5Zs6oZ0cUQyh2WJXxNIu3QL5drXKMkD6iJ1b2U-hrhmRkH3YPGTtlrSQnKOKprlSa4PTZZVGOlErJvkSQOK4X04euoVqJcVx7Ihr8UYbTkmGuPJ3rElwNMeoIpnK35sLB2yIzBIG_qgj3tffJMDQe2ixrbtD8-LpEglXQ5vJumvudRWtc_ZIJQyk Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://ddo2v5hc6dq50.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36 Response headers

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| gtag object| dataLayer function| extractDomain object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ddo2v5hc6dq50.cloudfront.net/	1970-01-21 03:31:27	Name: _ga_3SE1GTWTD1 Value: GS1.1.1706127142.1.0.1706127142.0.0.0
			.ddo2v5hc6dq50.cloudfront.net/	1970-01-21 03:31:27	Name: _ga Value: GA1.1.961967915.1706127142
			.doubleclick.net/	1970-01-20 17:55:28	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4703037885015919&output=html&adk=1812271804&adf=3025194257&lmt=1702972111&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x945_r&format=0x0&url=https%3A%2F%2Fddo2v5hc6dq50.cloudfront.net%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706127142144&bpp=5&bdt=384&idt=446&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5540695968740&frm=20&pv=2&ga_vid=961967915.1706127142&ga_sid=1706127143&ga_hid=1654251685&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080590%2C44795922%2C95320377%2C95321627%2C95322162&oid=2&pvsid=1915945741710026&tmod=852525366&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=468 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

data.reignn.com
ddo2v5hc6dq50.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2600:9000:215f:b800:a:7757:5280:93a1
2600:9000:21a2:6000:12:7462:e500:93a1
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::2002
008ba3abd261f71c2572b3574c9871ce6cddf44f13af15f94534c22a8640afeb
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0e63328db22e6cf586bb0b2901c65476fb5cb99d01bf25a0d1845c4b0702ef78
1d92ca08a0a78dcaa220c63cba07daa4b6a932753c381e4677fcb51f89ecd9b4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
3e49200e99ca194dc790a32e6f8ce56c1c7ddd2f65537726fd082087e758ac29
41b9e35f71efeb3e276d3858522e8bf896c202f732a058cca456cda7ba1ab2eb
4f4027b7de07fe440521f8e46cd265b0d1a4860076b7f18957fd6ded3bd0fd62
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65afd790d46139ad3d521293f3a79102bc54357e7367be396496be0709384507
83c6416c49386efecdfc59eed7dedba26fb7854421fbf5ef7bcdfa817a394a82
92c704cb3942fd5fbf8467aa33fe82b12e15156c44da48bbb24715df3b92a6f5
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
992361793a708b77507317247b27d82f46a07f5f35ad8c946a73c4d0bd9167ab
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a28c88787c111adca745be6520cb4653b37a5658d77493c7ca5006f06298160a
a8a3c904c1cf0ce223d066ed6957d7c7fbd2710ed88b6cd821506bf977285c15
c21af689c20dc668dc05c63edd9096ac00554b25d9637fe26667b604430f9b03
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d5c508b7f96185df07749022329daaf3c61c8a137e664a6fcaef60fea15836fb
d9e69f613935b842c3a70c9e0edbc3758ff598269028f81d0537afed137f2d93
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149