hegetsus.com Open in urlscan Pro
141.193.213.30 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hegetsus.com/
Effective URL:
https://hegetsus.com/en
Submission: On October 30 via manual (October 30th 2022, 12:09:03 am UTC) from US — Scanned from DE

Summary HTTP 175 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 62 IPs in 6 countries across 50 domains to perform 175 HTTP transactions. The main IP is 141.193.213.30, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is hegetsus.com. The Cisco Umbrella rank of the primary domain is 485280.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 8th 2022. Valid for: a year.

This is the only time hegetsus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 49	141.193.213.30 141.193.213.30	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:ba49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
17	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	18.192.223.154 18.192.223.154	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	18.66.112.34 18.66.112.34	16509 (AMAZON-02) (AMAZON-02)
2	69.16.175.42 69.16.175.42	20446 (STACKPATH...) (STACKPATH-CDN)
1 2	18.66.122.94 18.66.122.94	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.13 18.66.112.13	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1 2	54.82.219.205 54.82.219.205	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	2.16.238.137 2.16.238.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	34.102.161.46 34.102.161.46	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.107.143.101 34.107.143.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.65.140 151.101.65.140	54113 (FASTLY) (FASTLY)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:edcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	52.45.108.227 52.45.108.227	14618 (AMAZON-AES) (AMAZON-AES)
2	199.38.167.54 199.38.167.54	54312 (ROCKETFUEL) (ROCKETFUEL)
1 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:225... 2600:9000:225a:5600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.52 18.66.122.52	16509 (AMAZON-02) (AMAZON-02)
1 6	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 2	52.19.32.187 52.19.32.187	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4	35.223.93.255 35.223.93.255	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	54.194.129.15 54.194.129.15	16509 (AMAZON-02) (AMAZON-02)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.232.208.82 34.232.208.82	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:9c15:4654:b243:bd92	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.86.77 54.76.86.77	16509 (AMAZON-02) (AMAZON-02)
1	54.194.97.242 54.194.97.242	16509 (AMAZON-02) (AMAZON-02)
1 2	18.194.110.242 18.194.110.242	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	54.145.145.153 54.145.145.153	14618 (AMAZON-AES) (AMAZON-AES)
1	52.45.50.76 52.45.50.76	14618 (AMAZON-AES) (AMAZON-AES)
175	62

49 141.193.213.30 (United States) 2 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hegetsus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ba49 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

content.hegetsus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.223.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-223-154.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.112.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-34.fra56.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-94.fra60.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-13.fra56.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.219.205 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-219-205.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

pt.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.238.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-137.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.102.161.46 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.161.102.34.bc.googleusercontent.com

api-data-connector.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.143.101 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.143.107.34.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:edcc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.108.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-108-227.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.38.167.54 (United States)

ASN54312 (ROCKETFUEL, US)

com-hegetsus.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225a:5600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-52.fra60.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.132.33.46 (United States) 1 redirects

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.32.187 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-32-187.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20841567p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.223.93.255 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 255.93.223.35.bc.googleusercontent.com

hegetsus1dev.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.129.15 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-129-15.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.232.208.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-208-82.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:9c15:4654:b243:bd92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.86.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.97.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-97-242.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.110.242 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.145.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-145-153.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.50.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-50-76.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	hegetsus.com 2 redirects hegetsus.com — Cisco Umbrella Rank: 485280 content.hegetsus.com — Cisco Umbrella Rank: 830736	2 MB
11	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 9014 api-data-connector.abtasty.com — Cisco Umbrella Rank: 389618 dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 11052 ariane.abtasty.com — Cisco Umbrella Rank: 10201	70 KB
8	bttrack.com 1 redirects cdn.bttrack.com — Cisco Umbrella Rank: 6143 bttrack.com — Cisco Umbrella Rank: 736	7 KB
6	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 213	3 KB
5	rfihub.com 2 redirects 20841567p.rfihub.com a.rfihub.com — Cisco Umbrella Rank: 2966 p.rfihub.com — Cisco Umbrella Rank: 720	7 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	248 B
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 5362 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2107 rs.fullstory.com — Cisco Umbrella Rank: 2022	68 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 378	12 KB
4	wpengine.com hegetsus1dev.wpengine.com	141 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 856	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6364	691 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4530 track.hubspot.com — Cisco Umbrella Rank: 2177	2 KB
3	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 5838 people.api.boomtrain.com — Cisco Umbrella Rank: 6200 events.api.boomtrain.com — Cisco Umbrella Rank: 11037	26 KB
3	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 436 ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	196 KB
3	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1168 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1883	9 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 551	604 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 291	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 575	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 516	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 336	107 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 202	2 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 748	537 B
2	netmng.com com-hegetsus.netmng.com — Cisco Umbrella Rank: 968984	6 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2055	1 KB
2	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 38384 ad.ipredictive.com — Cisco Umbrella Rank: 5631	3 KB
2	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 2086	4 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	171 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 555	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 467	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1079	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1183	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1866	109 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 553	617 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 928	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 338	239 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5396	6 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2080	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4391	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2090	16 KB
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1529	157 B
1	ispot.tv pt.ispot.tv — Cisco Umbrella Rank: 2028	313 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 901	9 KB
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1408	8 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2130	869 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	15 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 6243	148 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293	88 KB
175	50

	Domain	Requested by
49	hegetsus.com	2 redirects hegetsus.com
17	content.hegetsus.com	hegetsus.com
6	bttrack.com	1 redirects hegetsus.com cdn.bttrack.com bttrack.com
5	www.facebook.com	hegetsus.com
5	bat.bing.com	hegetsus.com bat.bing.com
4	hegetsus1dev.wpengine.com	hegetsus.com
4	tr.snapchat.com	hegetsus.com sc-static.net
4	www.google.de	hegetsus.com
4	try.abtasty.com	hegetsus.com try.abtasty.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com hegetsus.com
3	p.rfihub.com	2 redirects hegetsus.com
3	ariane.abtasty.com	hegetsus.com
3	rs.fullstory.com	edge.fullstory.com
3	www.google.com	hegetsus.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	hegetsus.com connect.facebook.net
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects hegetsus.com
2	sync.search.spotxchange.com	1 redirects hegetsus.com
2	dsum-sec.casalemedia.com	1 redirects hegetsus.com
2	idsync.rlcdn.com	hegetsus.com
2	dpm.demdex.net	1 redirects hegetsus.com
2	api.hubspot.com	js.usemessages.com
2	bcp.crwdcntrl.net	1 redirects hegetsus.com
2	secure.adnxs.com	1 redirects hegetsus.com
2	com-hegetsus.netmng.com	hegetsus.com com-hegetsus.netmng.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	dcinfos-cache.abtasty.com	hegetsus.com
2	api-data-connector.abtasty.com	hegetsus.com
2	region1.analytics.google.com	www.googletagmanager.com
2	trkn.us	1 redirects hegetsus.com
2	edge.fullstory.com	hegetsus.com edge.fullstory.com
2	live.rezync.com	1 redirects hegetsus.com
2	cdn.bttrack.com	hegetsus.com cdn.bttrack.com
2	bs.serving-sys.com	www.googletagmanager.com hegetsus.com
2	www.googletagmanager.com	hegetsus.com www.googletagmanager.com
1	track.hubspot.com
1	events.api.boomtrain.com	cdn.boomtrain.com
1	people.api.boomtrain.com	cdn.boomtrain.com
1	beacon.krxd.net	hegetsus.com
1	aa.agkn.com	hegetsus.com
1	partners.tremorhub.com	hegetsus.com
1	x.dlx.addthis.com	hegetsus.com
1	bpi.rtactivate.com	hegetsus.com
1	contextual.media.net	hegetsus.com
1	ps.eyeota.net	hegetsus.com
1	pixel.rubiconproject.com	hegetsus.com
1	ib.adnxs.com	hegetsus.com
1	a.rfihub.com	hegetsus.com
1	cm.g.doubleclick.net	1 redirects
1	20841567p.rfihub.com	c1.rfihub.net
1	cdn.boomtrain.com	hegetsus.com
1	c1.rfihub.net	hegetsus.com
1	ad.ipredictive.com	js.ipredictive.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	alb.reddit.com	hegetsus.com
1	secure-ds.serving-sys.com	bs.serving-sys.com
1	pt.ispot.tv	hegetsus.com
1	sc-static.net	hegetsus.com
1	www.redditstatic.com	hegetsus.com
1	js.ipredictive.com	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.hsforms.net	hegetsus.com
1	ajax.googleapis.com	hegetsus.com
175	67

This site contains links to these domains. Also see Links.

Domain
hegetsusfans.com
www.facebook.com
www.youtube.com
www.instagram.com
www.gloo.us

Subject Issuer	Validity	Valid
hegetsus.com Cloudflare Inc ECC CA-3	`2022-09-08` - `2023-09-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
content.hegetsus.com Cloudflare Inc ECC CA-3	`2022-09-07` - `2023-09-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
try.abtasty.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.rezync.com Amazon	`2021-12-26` - `2023-01-23`	a year	crt.sh
*.ipredictive.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-08` - `2022-11-06`	3 months	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.ispot.tv R3	`2022-09-16` - `2022-12-15`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
api-data-connector.abtasty.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
dcinfos-cache.abtasty.com R3	`2022-09-10` - `2022-12-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-03` - `2022-12-30`	6 months	crt.sh
*.fullstory.com R3	`2022-10-12` - `2023-01-10`	3 months	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
ariane.abtasty.com R3	`2022-08-28` - `2022-11-26`	3 months	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2022-01-19` - `2023-02-04`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.boomtrain.com Amazon	`2022-03-11` - `2023-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.wpengine.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.api.boomtrain.com Amazon	`2022-10-16` - `2023-11-14`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://hegetsus.com/en
Frame ID: B276F308D120B80ECA350AAC891D1420
Requests: 152 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=101842&cache_buster=1667088534&url=https%3A%2F%2Fhegetsus.com%2Fen
Frame ID: A37F9F3A752B912E7836C500C8796DB0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=ac642d43-ad61-45da-a7f7-9af51e5d4c32&u_scsid=31719202-5ee4-4b6f-b7dd-d61220fdc05d&u_sclid=50071ac3-b082-4419-b4cb-fae4248aa0e3
Frame ID: 6D4379DB060964D2559AA3722999F777
Requests: 1 HTTP requests in this frame

Frame: https://20841567p.rfihub.com/ca.html?ver=9&rb=46834&ca=20841567&_o=46834&_t=20841567&pe=https%3A%2F%2Fhegetsus.com%2Fen&pf=&ra=5202096987624234
Frame ID: 9338571E13B14765593FF454C8C6D253
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home - He Gets Us

Page URL History Show full URLs

http://hegetsus.com/ HTTP 301
https://hegetsus.com/ HTTP 307
https://hegetsus.com/en Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

175
Requests

94 %
HTTPS

32 %
IPv6

50
Domains

67
Subdomains

62
IPs

6
Countries

2855 kB
Transfer

5617 kB
Size

58
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://hegetsusfans.com/
Title: Give Love. Get Gear.

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HeGetsUs
Title: FB

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC5fsTA7ZSLf513EUdUX8sPA
Title: YT

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hegetsus/
Title: IG

Search URL Search Domain Scan URL

URL: https://www.gloo.us/legal/privacy-statement
Title: Privacy Statement

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hegetsus.com/ HTTP 301
https://hegetsus.com/ HTTP 307
https://hegetsus.com/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://trkn.us/pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid] HTTP 302
https://trkn.us/pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid];ip=146.70.117.101;cuidchk=1

Request Chain 97

https://secure.adnxs.com/seg?add=31223599&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31223599%26t%3D1

Request Chain 104

https://bttrack.com/Pixel/Conversion/15951/default?type=img HTTP 302
https://bcp.crwdcntrl.net/5/c=6411/b=99875872 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6411/b=99875872

Request Chain 139

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTY2ODg0ODE3Ng==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJ09SSnii8siDepEDNAbMjE&google_cver=1

Request Chain 142

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455419668848176&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419668848176&redir=

Request Chain 143

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5134455419668848176&bid=omt9pi0

Request Chain 146

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419668848176&referrer=https%3A%2F%2Fhegetsus.com%2Fen HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db1572ca7-cd05-43f3-b043-6a8b45c1ffb4%253A1667088534.3216448 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448

Request Chain 148

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward=&C=1

Request Chain 151

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419668848176&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419668848176&img=1&__user_check__=1&sync_id=0b1cdc8a-57e7-11ed-a60c-1ce730eb0106

Request Chain 155

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419668848176&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419668848176&expires=30

Request Chain 156

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y13AlwAAAYs48gAO HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y13AlwAAAYs48gAO&_test=Y13AlwAAAYs48gAO

175 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request en Show response
hegetsus.com/
Redirect Chain

http://hegetsus.com/
https://hegetsus.com/
https://hegetsus.com/en

55 KB
13 KB

216ms
213ms

Document
text/html

141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

08e2dd06a2623e00cb307c30ce4f24e386c1f8324a8d8fb92181b65a75a9ebbd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: MISS
cf-ray: 761feb420ee7d5f5-CDG
content-encoding: br
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-type: text/html; charset=utf-8
date: Sun, 30 Oct 2022 00:08:52 GMT
last-modified: Sun, 30 Oct 2022 00:08:52 GMT
server: cloudflare
vary: Accept-Encoding
x-envoy-upstream-service-time: 18
x-powered-by: WP Engine Atlas

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: MISS
cf-ray: 761feb411e36d5f5-CDG
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
date: Sun, 30 Oct 2022 00:08:52 GMT
location: /en
server: cloudflare
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-powered-by: WP Engine Atlas

GET
H3 200 b34ae27a4a7ab0a7.css
hegetsus.com/_next/static/css/ 8 KB
3 KB 28ms
27ms Stylesheet
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

437cb29b00c6e9fba3e3720954645b621092eef7d4e1e03845b3a58c924d5a08

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114655
etag: W/"2080-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 8
cf-ray: 761feb437b26bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2a41188e7a997ebf.css
hegetsus.com/_next/static/css/ 42 KB
7 KB 35ms
31ms Stylesheet
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e33796c082c5afa46e755b33a9b2515adf5ad526ea1641460742a885e7203e8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"a7b3-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 9
cf-ray: 761feb438b37bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 84d6bd0484d96b9d.css
hegetsus.com/_next/static/css/ 20 KB
4 KB 31ms
29ms Stylesheet
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

477ab4b51875ebc6032009a089decac8fa13678113532710f677b74aecba093d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"50b0-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb438b39bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 e7c014f1e84c62d1.css
hegetsus.com/_next/static/css/ 2 KB
1 KB 31ms
30ms Stylesheet
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/e7c014f1e84c62d1.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

67fa22be9a14fe7ea92a7031849ae0bebdfd7aa7337c8ce8bfd445782d11bbb6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"9cc-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 6
cf-ray: 761feb438b3bbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 60ms
15ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 20:28:34 GMT
x-content-type-options: nosniff
age: 13219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Oct 2023 20:28:34 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 586 KB
148 KB 894ms
853ms Script
application/javascript 2606:4700::6811:ba49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2752516833d95c15aa10680a6fdd40dfc87a5ca5350ec8fea0317bdac0a4eceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
x-amz-version-id: Fk8MIKAUTK4P_pAiQqOjPM0z5kreiL8c
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD12-P3
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 27 Oct 2022 10:25:42 UTC
server: cloudflare
etag: W/"fb6f44d367b9a232946b64c51dd98d53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAd%2Bwh7p%2FH97XL18sGISigtlI6lv%2BiAPwLRw2exhQHWmtk36fPAyZRhZy6AqDL%2BuILN9gb%2BAsvRMJs%2BXvhyLb7Aj%2FzPg5eKZqqWKM%2Fvvn3jXMQdGqIzY30ZDRO2bCaV8%2BjicSwhZVwfGsUQ7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 761feb43fe8c9028-FRA
x-amz-cf-id: U0XwB9md1mubJyxqu9sormeY0hQdiSxEFrd68ejjTErHuOrRspYpsQ==
x-hs-target-asset: FormsNext/static-5.547/bundles/project_with_deps.js

GET
H3 200 webpack-074c0790f8159c54.js Show response
hegetsus.com/_next/static/chunks/ 2 KB
1 KB 30ms
27ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/webpack-074c0790f8159c54.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

1c2bf8f497badde115c49c830aa44a4107ca53d966cfa59bbf35bc242ad5cf24

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"683-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 6
cf-ray: 761feb43cb7bbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 framework-4556c45dd113b893.js Show response
hegetsus.com/_next/static/chunks/ 138 KB
45 KB 46ms
43ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/framework-4556c45dd113b893.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"22682-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 12
cf-ray: 761feb43cb7cbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main-ccfab947c79712f4.js Show response
hegetsus.com/_next/static/chunks/ 108 KB
32 KB 63ms
59ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

034483fc6e188f0f0103ff2ac6ad6f1872a355f9d57b3c07dbe3ade221a4bb8c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"1b10b-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 7
cf-ray: 761feb43cb7dbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _app-5f2bf1d7e6b8c3b3.js Show response
hegetsus.com/_next/static/chunks/pages/ 207 KB
61 KB 78ms
75ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/_app-5f2bf1d7e6b8c3b3.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

ad1f5496e603da320a872f824b89529a418d57b7c060200a8a55cfdc6dbd88dd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"33d66-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 9
cf-ray: 761feb43cb7ebb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 537-12855b40c1768dde.js Show response
hegetsus.com/_next/static/chunks/ 109 KB
40 KB 45ms
42ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/537-12855b40c1768dde.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

716fb58ad47eaf2e58e33938c37a5d36a1781188c7fc71a74704b8ccefa1e024

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"1b50d-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 8
cf-ray: 761feb43cb7fbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 785-a87d7dfa4f9eac2f.js Show response
hegetsus.com/_next/static/chunks/ 28 KB
9 KB 30ms
27ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/785-a87d7dfa4f9eac2f.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

3e4340a38652063e82497764b2282a7849f22856c17af052368d44e455ab59f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"7122-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb43cb80bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 544-cc14e08f37bac4d3.js Show response
hegetsus.com/_next/static/chunks/ 37 KB
9 KB 94ms
91ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/544-cc14e08f37bac4d3.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

98dfdae0bc890aea5ea4a9e955d7cd7dade0272b731ddc4441294e15bd1f83c6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114655
etag: W/"928e-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb43cb81bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 338-ffc6309f2a1da545.js Show response
hegetsus.com/_next/static/chunks/ 10 KB
4 KB 30ms
27ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/338-ffc6309f2a1da545.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

19d21c07877ac0c462d451d3a2789318f0c2b239c7fef2236f1eb5084bce3098

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114655
etag: W/"275e-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 3
cf-ray: 761feb43cb84bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 index-d1bbae2f65ebf562.js Show response
hegetsus.com/_next/static/chunks/pages/ 10 KB
3 KB 95ms
92ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/index-d1bbae2f65ebf562.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

397c2cff914ba04842faf9e1453bd84633db8094b0597a971459297686fdf80d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"28c6-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb43cb86bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _buildManifest.js Show response
hegetsus.com/_next/static/uTFDxa-a7uzRfNDN4HlMq/ 2 KB
1 KB 30ms
28ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/uTFDxa-a7uzRfNDN4HlMq/_buildManifest.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

945624698e704557bfe0c345e56b8fe98a161f7c6cea738d76f5a346d5f44ea7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26353
etag: W/"868-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 3
cf-ray: 761feb43cb88bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 _ssgManifest.js Show response
hegetsus.com/_next/static/uTFDxa-a7uzRfNDN4HlMq/ 91 B
605 B 95ms
92ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/uTFDxa-a7uzRfNDN4HlMq/_ssgManifest.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114655
etag: W/"5b-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb43cb89bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 ProximaNova.otf
hegetsus.com/fonts/ 152 KB
80 KB 183ms
182ms Font
font/otf 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/fonts/ProximaNova.otf

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

ce6df16d26aec9364991b4b964b8a2e23ea150c3456fe19db40fe6538657ac47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css
Origin: https://hegetsus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"25f0c-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=0
x-envoy-upstream-service-time: 6
cf-ray: 761feb43cb8abb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 searchInput.svg
hegetsus.com/ 1 KB
1 KB 153ms
152ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/searchInput.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

2fdf0bc645b1f658b9ed7deb8831ae8500b380e5977db18de8dd439cbd089397

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"4c8-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 3
cf-ray: 761feb43cb8bbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 arrowDown.svg
hegetsus.com/ 196 B
664 B 145ms
145ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/arrowDown.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

6ec05b1702cd59429a228f64a7c85492f49ddbd1ebfd6a4cdca76c78d84f4c94

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"c4-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 3
cf-ray: 761feb43cb8ebb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 ProximaNova-Light.otf
hegetsus.com/fonts/ 61 KB
41 KB 184ms
184ms Font
font/otf 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/fonts/ProximaNova-Light.otf

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css
Origin: https://hegetsus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:53 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f5f8-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=0
x-envoy-upstream-service-time: 5
cf-ray: 761feb43dba5bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
94 KB 81ms
42ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bf301988816be0f83195ff867b987d3ac8e178395a862de9959092c5aa337d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95336
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Oct 2022 00:08:54 GMT

OPTIONS
H2 200 graphql
content.hegetsus.com/ Frame 0
0 514ms
443ms Preflight
application/json 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://content.hegetsus.com/graphql?query=query%20TrendingTopic(%24lang%3A%20String)%20%7B%0A%20%20tags(where%3A%20%7BtrendingTopics%3A%20true%2C%20languageThisTagIs%3A%20%24lang%7D)%20%7B%0A%20%20%20%20nodes%20%7B%0A%20%20%20%20%20%20id%0A%20%20%20%20%20%20name%0A%20%20%20%20%20%20slug%0A%20%20%20%20%20%20trendingTopic%20%7B%0A%20%20%20%20%20%20%20%20trendingTopics%0A%20%20%20%20%20%20%20%20postsFeatured%20%7B%0A%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20...%20on%20Post%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20featuredImage%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20node%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20sourceUrl%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20altText%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20tags(first%3A%205)%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20nodes%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20name%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20slug%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20id%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20uri%0A%20%20%20%20%20%20%20%20%20%20%20%20id%0A%20%20%20%20%20%20%20%20%20%20%20%20postId%0A%20%20%20%20%20%20%20%20%20%20%20%20title%0A%20%20%20%20%20%20%20%20%20%20%20%20posts%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20audio%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20guid%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20video%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20subHeader%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20headerImage%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20altText%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20sourceUrl%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20__typename%0A%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20__typename%0A%20%20%20%20%7D%0A%20%20%20%20__typename%0A%20%20%7D%0A%7D&operationName=TrendingTopic&variables=%7B%22lang%22%3A%22en%22%7D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hegetsus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 761feb4ab8f3f097-CDG
content-type: application/json ; charset=UTF-8
date: Sun, 30 Oct 2022 00:08:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vmrioj9WxdKFaQnbAnjyrhq6uUgDLhW9gzguMVfU8KnfE4Blk9M9gvJbMVliB3g1qCR5ZhKs9QdRLCyqiQxiwHEYLq5jz9kiJxRvxPEliXfXIgD9rY1Oeykm1HzWK9STPlwyzuY8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-graphql-keys: graphql:Query
x-graphql-query-id
x-graphql-url: https://content.hegetsus.com/graphql
x-powered-by: WP Engine
x-robots-tag: noindex

GET
H3 200 graphql Show response
content.hegetsus.com/ 15 KB
4 KB 493ms
470ms Fetch
application/json 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/pages/_app-5f2bf1d7e6b8c3b3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

c8b751342d1b12aaf8a1d0350a7a55dc090575fa555b554fe9c7be71d287d333

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept: */*
Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
x-graphql-url: https://content.hegetsus.com/graphql
x-content-type-options: nosniff
x-graphql-query-id: f973ff5f84ad3d8cbe5b898ba3b19765
x-cacheable: SHORT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-group: normal
content-encoding: br
x-powered-by: WP Engine
x-cache: HIT: 4
cf-cache-status: DYNAMIC
x-graphql-keys: f973ff5f84ad3d8cbe5b898ba3b19765 graphql:Query list:tag dGVybToxNzE= dGVybToxNzQ= dGVybToxNzM= dGVybToxNzA= dGVybToxNzI= cG9zdDoyNTQ= cG9zdDoyNTU= cG9zdDoyNTE= cG9zdDoyNDg= cG9zdDozNjk= cG9zdDoyNjk= cG9zdDoyNjQ= cG9zdDoyNjU= cG9zdDoyNTg= cG9zdDoyNTk= cG9zdDoyNzA= cG9zdDoyNzE= cG9zdDoyNTI= cG9zdDoyNTM= cG9zdDoyNjA= cG9zdDoyNjE= cG9zdDoyNTY= cG9zdDoyNTc= cG9zdDozODY= dGVybToxODQ= cG9zdDozODc= cG9zdDoyNjg= cG9zdDoyNjI= cG9zdDoyNjM=
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
xkeyprefix: https://content.hegetsus.com/graphql
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-max-age: 600
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zQDxTZDAIA%2BPaypqTFZOPlXF8KZ%2BrT0RfDI2K0mWfvJxtYuOIM7Tr61KXxcnbuuXpjpkukzY7n%2FyF%2B3iXxEjNX6i30uNH4ed9KTjp3zzYpNohcFBHvAZdUQ%2FxpftkSzvNwnB1yR"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=600, must-revalidate
x-robots-tag: noindex
access-control-allow-headers: Authorization, Content-Type
cf-ray: 761feb4d9f1b9b7a-FRA

GET
H2 200 hgu-banner-home-eng-20221020-scaled.jpg
content.hegetsus.com/wp-content/uploads/2022/10/ 204 KB
205 KB 616ms
574ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/10/hgu-banner-home-eng-20221020-scaled.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca79531b35de5b1b4ca8360d5e8ddf33071ec08881717a5dc8c682346cfd79e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Oct 2022 14:10:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6352a849-32fdd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r5Y1W9NvsqGlY%2FVGjDtZT2s8wxRtPS63N5Ah5awXrBzHqNs0EqhgCczzobCPOacp3POkBZBGynWFAUSe3DXtP2g1Pm5UQ3ZLUtpJ9kZQ3T%2FZGO%2BRR7KAOWWgSc%2BiThxXqcDlXNGR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4a8efcbbc1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208861

GET
H3 200 logo.svg
hegetsus.com/ 6 KB
3 KB 151ms
150ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/logo.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

428a94e98f91a5680a171cdc7f01c2321778a4599e7ef8677f841147314bc8ce

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"1933-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 9
cf-ray: 761feb4a5b3bbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 shareFooter.svg
hegetsus.com/ 1 KB
1 KB 238ms
237ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/shareFooter.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

491f93fffba5238bf69ac3dbd187ece8b493792f7675c96e5256f730a6c0c632

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"4d1-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 4
cf-ray: 761feb4a5b3dbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 about-us-59653c11730542fa.js
hegetsus.com/_next/static/chunks/pages/ 0
2 KB 24ms
23ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/about-us-59653c11730542fa.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"b70-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4a5b41bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 253-3e7528e5cb5ff145.js
hegetsus.com/_next/static/chunks/ 0
8 KB 37ms
37ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/253-3e7528e5cb5ff145.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"62bc-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4a5b44bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 connect-b3e85e4338a156f2.js
hegetsus.com/_next/static/chunks/pages/ 0
3 KB 22ms
21ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/connect-b3e85e4338a156f2.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26352
etag: W/"2048-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb4a5b45bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 privacy-notice-e451fe3f4d4a97ed.js
hegetsus.com/_next/static/chunks/pages/ 0
1018 B 24ms
23ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/privacy-notice-e451fe3f4d4a97ed.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"35f-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb4a5b47bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 2a41188e7a997ebf.css Show response
hegetsus.com/_next/static/css/ 42 KB
7 KB 36ms
35ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/2a41188e7a997ebf.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e33796c082c5afa46e755b33a9b2515adf5ad526ea1641460742a885e7203e8e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26354
etag: W/"a7b3-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 9
cf-ray: 761feb4a5b4abb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 84d6bd0484d96b9d.css Show response
hegetsus.com/_next/static/css/ 20 KB
4 KB 36ms
36ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

477ab4b51875ebc6032009a089decac8fa13678113532710f677b74aecba093d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26354
etag: W/"50b0-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb4a5b4bbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 e7c014f1e84c62d1.css Show response
hegetsus.com/_next/static/css/ 2 KB
1 KB 37ms
36ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/e7c014f1e84c62d1.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

67fa22be9a14fe7ea92a7031849ae0bebdfd7aa7337c8ce8bfd445782d11bbb6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26354
etag: W/"9cc-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 6
cf-ray: 761feb4a5b4cbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Oct 2022 23:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3180
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 30 Oct 2022 01:15:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 112ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15175
x-xss-protection: 0
server: cafe
etag: 2727272090050510172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Oct 2022 00:08:54 GMT

GET
H2 200 ActivityServer.bs Show response
bs.serving-sys.com/Serving/ 1 KB
1 KB 92ms
19ms Script
text/html 18.192.223.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=1073791462&rnd=7330644
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.223.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-223-154.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 75ad109a7be955c0bc1d8c97a29e6814ea45f13163f3bd931bde56ff41e8d992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 578
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 21516988.js Show response
js.hs-scripts.com/ 1 KB
869 B 182ms
128ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/21516988.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac4bf39930c87381df13eb2f9e3c1f8e8c4e96dbd84a276edd56c73161fc8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 29 Oct 2022 21:03:56 GMT
server: cloudflare
x-hubspot-correlation-id: 92449cb6-b605-4a0d-8845-5b9b04ca7363
x-trace: 2B7BB6FF1534328E66B409309DD4B752693DC4F4A2000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://hegetsus.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 761feb4b0f6890ae-FRA
expires: Sun, 30 Oct 2022 00:09:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 87ms
40ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 30 Oct 2022 00:08:53 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B194BF2D3A89408CA30F343E1849BB21 Ref B: FRAEDGE1917 Ref C: 2022-10-30T00:08:54Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11376

GET
H2 200 d54db69a450246fcfc6a5da070bd6138.js Show response
try.abtasty.com/ 199 KB
58 KB 90ms
20ms Script
application/javascript 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/d54db69a450246fcfc6a5da070bd6138.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a8fff3b767d8729496cb9b302ec700130fd28755eef7f6c1ad9a9466201c1f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 15:38:02 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Fri, 28 Oct 2022 15:25:52 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 30653
etag: W/"52d75c5b69aba792c009b2f4f2d1f02d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=86400,max-age=30
x-amz-cf-id: Xc9uEJ03cvR21f4TFd9U-9VMWLxdPllaROJyUtdc7KvETk-eSEdRkA==

GET
H/1.1 200
OK 44940 Show response
cdn.bttrack.com/universal/ 2 KB
2 KB 311ms
195ms Script
application/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/universal/44940
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 343e318bcca305dc01124331523d7df03bc313f477523575d05df5d962c60b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:54 GMT
Cache-Control: max-age=900
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2222
X-HW: 1667088534.dop228.lo4.t,1667088534.cds320.lo4.shn,1667088534.dop228.lo4.t,1667088534.cds286.lo4.p
Content-Type: application/javascript; charset=utf-8

GET
H2 200 sync Show response
live.rezync.com/ 3 KB
4 KB 302ms
245ms Script
application/javascript 18.66.122.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=ee9b5c314d59f4e04d3a92f8622b0cdf&k=he-gets-us-pixel-8972&zmpID=he-gets-us&cache_buster=1390343621938422
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-94.fra60.r.cloudfront.net
Software: lighttpd/1.4.59 /
Resource Hash: f500dd9eecad6cb9e2ab85744a0057c0b678be56354fc4f778d508cf40f717e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
via: 1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
server: lighttpd/1.4.59
x-amz-cf-pop: FRA60-P2
vary: Cookie
x-cache: Miss from cloudfront
content-type: application/javascript
content-length: 3024
x-amz-cf-id: A_Nu3B0kOQxI9-Z4O9zr5B-aKhHf1jk-ROBZtLI1eszERskWTrsWvQ==

GET
H2 200 adelphic_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
2 KB 66ms
14ms Script
application/javascript 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 23:27:48 GMT
via: 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
last-modified: Fri, 30 Sep 2022 15:42:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 2510
etag: "83b469155694c51d4c5581028a6788bc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2108
x-amz-cf-id: Q9C2L6PliG-Or5na0y6W5A9-ZzQNrs_tZsIHlsPvixeuTzNZEWwHlw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 54ms
18ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: p6rC/t5EJC7Zf5o+sCJ5KudGG079WtGSqwuuv5/PK+s5+iABAp4jwAZZ5DsTCvOlrvxaoeDpvPbf1MWWVMbL3A==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 64ms
20ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Tue, 19 Jul 2022 22:48:09 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "95212d33cfff78ad59f5af5b20c48c53"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 257 KB
65 KB 54ms
15ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c02c39312062b70db1e8c9eabafcd7adaec452805512fe73438d7249fe714172

Request headers

Referer: https://hegetsus.com/
Origin: https://hegetsus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 23:41:12 GMT
content-encoding: br
age: 1662
x-guploader-uploadid: ADPycdvoPr6x_p-NIwQMU2chAlgKncTIyLjpM_mOwihFEgTcVhJEl3UUllEIAYBmjcgPny8mMXkn1SI8qArz2uoFxovRO3G_PxEa
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65504
last-modified: Wed, 26 Oct 2022 16:33:55 GMT
server: UploadServer
etag: "bf20ef04cd58c8bf7f21ee128f6eb875"
vary: Accept-Encoding
x-goog-generation: 1666802035880972
x-goog-hash: crc32c=drrJ7Q==, md5=vyDvBM1YyL9/Ie4Sj264dQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 65504
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 30 Oct 2022 00:41:12 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 87ms
31ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: jVhbCFjRWE3P9vWaNAHq4gL5pj4MN9w6UXWZobVVagSi36BligNLcw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
77 KB 72ms
34ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-81D9T8QJTW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K2ZJ4T2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e45c7e9cf70c4ebbe573d00e3da2cd8ed6446e38a7b8305951fd7ba41734c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 30 Oct 2022 00:08:54 GMT

GET
H/1.1

200
OK

ppt=20035;g=site-visit;gid=46796;ord=[uniqueid];ip=146.70.117.101;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid]
https://trkn.us/pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid];ip=146.70.117.101;cuidchk=1

42 B
780 B

117ms
117ms

Image
image/gif

54.82.219.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid];ip=146.70.117.101;cuidchk=1

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

HTTP/1.1

Server

54.82.219.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-219-205.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:54 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sun, 30 Oct 2022 00:08:54 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=20035;g=site-visit;gid=46796;ord=[uniqueid];ip=146.70.117.101;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2 200 TC-4895-2.gif
pt.ispot.tv/v2/ 43 B
313 B 101ms
29ms Image
image/gif 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt.ispot.tv/v2/TC-4895-2.gif?app=web&type=visit&customdata=en,channel_utmcsr_%28direct%29%7Cutmcmd_%28none%29&uid=googleID_undefined
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 43
expires: 0

GET
H3 200 about-us-59653c11730542fa.js Show response
hegetsus.com/_next/static/chunks/pages/ 3 KB
2 KB 23ms
22ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/about-us-59653c11730542fa.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

60c2f3a696ac625ae2a214a4c5f5c2c7a51982b5501146165e6d95350b8c7b4d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"b70-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4acbd3bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 privacy-notice-e451fe3f4d4a97ed.js Show response
hegetsus.com/_next/static/chunks/pages/ 863 B
1018 B 24ms
23ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/privacy-notice-e451fe3f4d4a97ed.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

f016457c62586c46ba195f79701a295ecfe498244c641cbdfd92718dd01b7a51

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"35f-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb4acbd5bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 253-3e7528e5cb5ff145.js Show response
hegetsus.com/_next/static/chunks/ 25 KB
8 KB 34ms
33ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/253-3e7528e5cb5ff145.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

a3d1ee6dba1740907e52cf9fc741c9502d6964093a1d31d6d0ee602bf5fc937b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114654
etag: W/"62bc-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4acbd6bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 connect-b3e85e4338a156f2.js Show response
hegetsus.com/_next/static/chunks/pages/ 8 KB
3 KB 27ms
26ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/connect-b3e85e4338a156f2.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

5338571afeeb2dd831407d5cb6fec278508ac766952bac2c5e23c565e381c80f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26352
etag: W/"2048-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 5
cf-ray: 761feb4acbd7bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 4be30c3a8596b379.css Show response
hegetsus.com/_next/static/css/ 5 KB
1 KB 28ms
27ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/4be30c3a8596b379.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e4a7990208e308b7daac68cd412081588b1efe3940de2a8dc1aec7fcf74c8c7b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 26352
etag: W/"148d-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 3
cf-ray: 761feb4acbd8bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 56ms
22ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1645503403&t=pageview&_s=1&dl=https%3A%2F%2Fhegetsus.com%2Fen&ul=en-us&de=UTF-8&dt=Home%20-%20He%20Gets%20Us&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1029291570&gjid=746142950&cid=2108977737.1667088534&tid=UA-59093344-1&_gid=1242339093.1667088534&_r=1&gtm=2wgaq0K2ZJ4T2&cd6=He%20Gets%20Us&z=1471433327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 53ms
23ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1645503403&t=pageview&_s=1&dl=https%3A%2F%2Fhegetsus.com%2Fen&ul=en-us&de=UTF-8&dt=Home%20-%20He%20Gets%20Us&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=697257504&gjid=678112396&cid=2108977737.1667088534&tid=UA-213919952-1&_gid=1242339093.1667088534&_r=1&gtm=2wgaq0K2ZJ4T2&z=474993105

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 390250656627131 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 89ms
71ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/390250656627131?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

81d91a338a5fcf58b56459e79fa48cdbcfb6e52d96707e85c5ed3581adb80670

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: jMYR3sOFpVnEUIXEOfVaG50V4kqRqlEkdLpiPUERLcuFhM3lR28GCCVLPTJHa5pjt/roV6UVF/Eocyv8J/VDFg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 137014514.js Show response
bat.bing.com/p/action/ 0
116 B 45ms
42ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137014514.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Oct 2022 00:08:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 98DB4C2C88524226A584B5F148CE6ADD Ref B: FRAEDGE1917 Ref C: 2022-10-30T00:08:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 97ms
97ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137014514&Ver=2&mid=2773d615-67ee-41f1-91a3-78c39876fbca&sid=0a7377d057e711ed9cb05d79d40c4629&vid=0a73d13057e711ed86915b3f1a9514ed&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20-%20He%20Gets%20Us&p=https%3A%2F%2Fhegetsus.com%2Fen&r=&lt=1568&evt=pageLoad&sv=1&rn=375780

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Oct 2022 00:08:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BC3EEDC7714740708F7B9115A5EFFA54 Ref B: FRAEDGE1917 Ref C: 2022-10-30T00:08:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 146000789.js Show response
bat.bing.com/p/action/ 0
118 B 117ms
117ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/146000789.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 30 Oct 2022 00:08:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CFF9161C90514F338AB46AC0890749DF Ref B: FRAEDGE1917 Ref C: 2022-10-30T00:08:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 93ms
93ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=146000789&Ver=2&mid=d511c067-b268-4076-9810-31eda002f455&sid=0a7377d057e711ed9cb05d79d40c4629&vid=0a73d13057e711ed86915b3f1a9514ed&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Home%20-%20He%20Gets%20Us&p=https%3A%2F%2Fhegetsus.com%2Fen&r=&lt=1568&evt=pageLoad&sv=1&rn=743036

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 30 Oct 2022 00:08:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F7EC5BBDE5C24525849D009FC71A115E Ref B: FRAEDGE1917 Ref C: 2022-10-30T00:08:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ebAttribution.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 24 KB
8 KB 91ms
16ms Script
application/javascript 2.16.238.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebAttribution.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/ActivityServer.bs?cn=as&ActivityID=1073791462&rnd=7330644
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-137.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C1
etag: W/"8440d88fdf94d6823ae9ecb94a935255"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=418
accept-ranges: bytes
x-amz-cf-id: KjcXS2VtJ2HxMcagQLvo9L8_1Pr8qQsywdETgZdcTHqIG3Z9-Gvlew==
content-length: 7894

POST
H2 204 collect
region1.analytics.google.com/g/ 0
344 B 68ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-81D9T8QJTW&gtm=2oeaq0&_p=1645503403&_gaz=1&cid=2108977737.1667088534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fhegetsus.com%2Fen&dr=&sid=1667088534&sct=1&seg=0&dt=Home%20-%20He%20Gets%20Us&en=page_view&_fv=1&_ss=1&ep.page_path=%2Fen&ep.content_group=(not%20set)&ep.content_language=(not%20set)&ep.content_status=(not%20set)
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81D9T8QJTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 84ms
28ms Ping
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-81D9T8QJTW&cid=2108977737.1667088534&gtm=2oeaq0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81D9T8QJTW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-81D9T8QJTW&cid=2108977737.1667088534&gtm=2oeaq0&aip=1&z=774623345

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 80ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-59093344-1&cid=2108977737.1667088534&jid=1029291570&gjid=746142950&_gid=1242339093.1667088534&_u=YEBAAEAAAAAAACAAI~&z=2117941469

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 79ms
27ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-213919952-1&cid=2108977737.1667088534&jid=697257504&gjid=678112396&_gid=1242339093.1667088534&_u=YEDAAEABAAAAACAAI~&z=1004014964

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 hqgw3mgqv1rp2v5y
api-data-connector.abtasty.com/accounts/d54db69a450246fcfc6a5da070bd6138/segments/ Frame 0
0 83ms
31ms Preflight 34.102.161.46
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-data-connector.abtasty.com/accounts/d54db69a450246fcfc6a5da070bd6138/segments/hqgw3mgqv1rp2v5y?partner=ga4audiences
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.161.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 46.161.102.34.bc.googleusercontent.com
Software: - /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://hegetsus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-origin: https://hegetsus.com
allow: GET, OPTIONS, POST
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 30 Oct 2022 00:08:54 GMT
server: -
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
via: 1.1 google
x-envoy-decorator-operation: -
x-envoy-upstream-service-time: 0

GET
H2 200 analytics.d1860a27a266878aa5ea.js Show response
try.abtasty.com/shared/ 34 KB
9 KB 16ms
16ms Script
application/javascript 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.d1860a27a266878aa5ea.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/d54db69a450246fcfc6a5da070bd6138.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 725a7c3f25d19e7d60302c0a274b20289a3c8f8c8c7cdcdac558a78c2fc46ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 12:24:54 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 27 Oct 2022 12:24:48 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 215041
etag: W/"362a9d3de3af4ffe1eb2b7c3f9492642"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-id: QOcKVHks1Cp9E_tjLgrXayFh76GKnIIitqwAfW4M0RhlnUZwrn0PEw==

GET
H2 200 geoip Show response
dcinfos-cache.abtasty.com/v1/ 417 B
352 B 82ms
29ms Fetch
application/json 34.107.143.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/geoip?weather=false

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

bef921d78a79645a165d82db6f3617aece4ee5b4a49912d327752dde5c833ed8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-decorator-operation: -
server: -
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=600
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 120 B
361 B 80ms
27ms Fetch
application/json 34.107.143.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

476bc45ff8c29254d002b7948f859fb5c3bc06c0ec33ba3ac6ccb57411aae7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-envoy-decorator-operation: -
server: -
via: 1.1 google
vary: Accept-Encoding,User-Agent
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 hqgw3mgqv1rp2v5y Show response
api-data-connector.abtasty.com/accounts/d54db69a450246fcfc6a5da070bd6138/segments/ 2 B
20 B 67ms
33ms Fetch
application/json 34.102.161.46
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-data-connector.abtasty.com/accounts/d54db69a450246fcfc6a5da070bd6138/segments/hqgw3mgqv1rp2v5y?partner=ga4audiences
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.161.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 46.161.102.34.bc.googleusercontent.com
Software: - /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
content-type: application/json

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
x-envoy-decorator-operation: -
via: 1.1 google
server: -
vary: Origin
content-type: application/json
access-control-allow-origin: https://hegetsus.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 204 collect
www.google-analytics.com/g/ 0
0 48ms
16ms Fetch
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?tid=G-81D9T8QJTW&cid=2108977737.1667088534&up.abtasty_visitor_id=hqgw3mgqv1rp2v5y&v=2&en=abtasty
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Oct 2022 17:55:04 GMT
server: Golfe2
age: 22430
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 893885.1113476.json Show response
try.abtasty.com/d54db69a450246fcfc6a5da070bd6138/ 715 B
1 KB 48ms
17ms Fetch
application/json 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/d54db69a450246fcfc6a5da070bd6138/893885.1113476.json?993e45600b76fc5c9a0adc7e87235f12
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: b36f049b39ca446197399407316d5eba758d3bbdb54c72e19cc7385ce73259d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 10:20:35 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Mon, 17 Oct 2022 20:23:03 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 222499
etag: "ae25c5c60d864a2de989958a02aeecb6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=604800,max-age=604800
accept-ranges: bytes
content-length: 715
x-amz-cf-id: kyDJg7P7NDGtAhU3d-p5xcRpVEjVPvn9Kbu2nlrjrQ89kD4Bp_9inQ==

GET
H2 200 904872.1128396.json Show response
try.abtasty.com/d54db69a450246fcfc6a5da070bd6138/ 327 B
729 B 48ms
17ms Fetch
application/json 18.66.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/d54db69a450246fcfc6a5da070bd6138/904872.1128396.json?93474b49897ba5375165bd604dd776c3
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-34.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ea1cb006df3c1f6440b990de572be3b3b5930394856d0d2c749471fdecf43a86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 01:53:22 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Mon, 17 Oct 2022 20:23:03 GMT
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 339333
etag: "d9cbb1a6ccff5313ea784e8640fab83b"
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=604800,max-age=604800
accept-ranges: bytes
content-length: 327
x-amz-cf-id: t7lCqYJRZrF3ReeFo3lzxUICmo64893DD96fDICyQLduBKjKqZwXdA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-381512977/ 43 B
691 B 69ms
28ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-381512977/?random=1667088534414&cv=9&fst=1667088534414&num=1&rdp=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhegetsus.com%2Fen&tiba=Home%20-%20He%20Gets%20Us&auid=1597333172.1667088534&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-10808808638/ 2 KB
1 KB 70ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-10808808638/?random=1667088534416&cv=9&fst=1667088534416&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fhegetsus.com%2Fen&tiba=Home%20-%20He%20Gets%20Us&auid=1597333172.1667088534&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bccd80751060354297223a0274808ceb3ee5c796384eec605c342559a1282cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1009
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 67ms
27ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59093344-1&cid=2108977737.1667088534&jid=1029291570&_u=YEBAAEAAAAAAACAAI~&z=1206892331

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 62ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-59093344-1&cid=2108977737.1667088534&jid=1029291570&_u=YEBAAEAAAAAAACAAI~&z=1206892331

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 434ms
392ms Image
image/gif 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1667088534432&id=t2_s3yaxv6w&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=8b7e29eb-2e19-41fe-979f-48203d9981cd&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 page Show response
rs.fullstory.com/rec/ 4 KB
2 KB 365ms
312ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 981d70456f3d9bbfd1a8586a957c83adede1e79da4519947aa7c3aa32b1b397b

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hegetsus.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1491

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 27ms
27ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213919952-1&cid=2108977737.1667088534&jid=697257504&_u=YEDAAEABAAAAACAAI~&z=2085859295

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 26ms
26ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-213919952-1&cid=2108977737.1667088534&jid=697257504&_u=YEDAAEABAAAAACAAI~&z=2085859295

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 21516988.js Show response
js.hs-banner.com/ 60 KB
16 KB 191ms
143ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/21516988.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21516988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9a10d631d51e724160672105e820441ada7d150b4b67e3941ca98781fedde16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
x-amz-version-id: iv.GverKix_y9zSybProXkW0yXp17rWg
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: Q73FWK9SRVPBCQET
x-amz-server-side-encryption: AES256
x-amz-id-2: pMchUus7TLyN+/mqABcKJausxHw08ktZilS6FPUe+z9iLr5WklfnAIAM7b74OImbh1b+yaJEEvw=
last-modified: Tue, 25 Oct 2022 23:03:28 GMT
server: cloudflare
etag: W/"65e17338138d2bf33717f1c39b09c782"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://hegetsus.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 761feb4cedce6993-FRA
expires: Sun, 30 Oct 2022 00:13:54 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 71ms
23ms Script
application/javascript 2606:4700::6811:edcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21516988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9eeecb88a881d5d9211772ad6df8b3f15f04e31bd83255e747c9e304e8d9182

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
x-amz-version-id: LxkNftZmJL4iG28NxmZyBRCp75gMWnm4
via: 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 231
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11084/bundles/project.js&cfRay=761fe5a8f921bbc8-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Fri, 28 Oct 2022 01:51:29 UTC
server: cloudflare
etag: W/"0a63c83bb8a126e6337b60cf6a219925"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 761feb4ceda5bc03-FRA
x-amz-cf-id: uanoqv0M3cRQsPkqeQqi2I1GLFleHmLLCk_550WO9gnfvG0Ve9b42g==
x-hs-target-asset: conversations-embed/static-1.11084/bundles/project.js

GET
H2 200 21516988.js Show response
js.hs-analytics.net/analytics/1667088300000/ 63 KB
20 KB 222ms
176ms Script
text/javascript 2606:4700::6811:43b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1667088300000/21516988.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21516988.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d61856aa05b1fb15f64c64481b50cc3d94a1af1b627032ca4965452c90342518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: F1A1DCSKE1FE1J2Q
x-amz-server-side-encryption: AES256
x-amz-id-2: 0z0fEy7JDN6EzQPozRfAQjSByhgUFXqKqq5hpAIFlX/kLamxOOeEIq9+qAYvYuunPR9HoG9lBfE=
last-modified: Thu, 06 Oct 2022 21:01:08 GMT
server: cloudflare
etag: W/"00501c91e0692f929c9b58604c4290da"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 761feb4cfe606939-FRA
expires: Sun, 30 Oct 2022 00:13:54 GMT

GET
H3 200 424477035833877 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 68ms
68ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/424477035833877?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e784a0b09b3586b9fa84e9ea693974d0bb467876e8416deda5ee7b93bc1c0604

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: CNRlcUazfsMUGSt8MP80sEgg7D996tCvflFrbWq4z2nGA+llgSG9CKV/SaB9lNKAL+xjBE7s0VIika5dfuQshg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 53ms
18ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390250656627131&ev=PageView&dl=https%3A%2F%2Fhegetsus.com%2Fen&rl=&if=false&ts=1667088534500&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667088534500.1676710062&it=1667088534264&coo=false&tm=1&rqm=GET

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
504 B 82ms
25ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=ac642d43-ad61-45da-a7f7-9af51e5d4c32

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

11c6717109577e5f58a2aceac09aaa8041a3d4db667362903ee47ca679ffd3b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hegetsus.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 78 B
164 B 82ms
26ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=ac642d43-ad61-45da-a7f7-9af51e5d4c32&tld=com

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0d8a12d3764f192d1c1bbf514e958788df9e33876091d4640983dff866a71e70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://hegetsus.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK event Show response
ad.ipredictive.com/d/track/ Frame A37F 0
327 B 451ms
107ms Document
text/plain 52.45.108.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=101842&cache_buster=1667088534&url=https%3A%2F%2Fhegetsus.com%2Fen
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/adelphic_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.108.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-108-227.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hegetsus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 30 Oct 2022 00:08:54 GMT
X-CI-RTID: 6ed5dcb3-1f3a-447d-8c93-06bc0aadcdda

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
417 B 79ms
26ms Fetch
image/gif 34.102.161.46
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

- /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
x-envoy-decorator-operation: -
via: 1.1 google
server: -
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://hegetsus.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 6D43 0
294 B 61ms
26ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=ac642d43-ad61-45da-a7f7-9af51e5d4c32&u_scsid=31719202-5ee4-4b6f-b7dd-d61220fdc05d&u_sclid=50071ac3-b082-4419-b4cb-fae4248aa0e3

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://hegetsus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Sun, 30 Oct 2022 00:08:54 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 68 B
342 B 59ms
34ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryvZBNHWUMa6cUcPAf

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 7
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H/1.1 200
OK / Show response
com-hegetsus.netmng.com/ 8 KB
4 KB 523ms
158ms Script
text/javascript 199.38.167.54
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://com-hegetsus.netmng.com/?aid=6383&siclientid=&url=https%3A%2F%2Fhegetsus.com%2Fen&p1=1667088534.4069383
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.38.167.54 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: openresty /
Resource Hash: 5cf640b8f085306658420c84374924cbd6c71a4a8d200cbf1ef384dee465ae21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2022 00:08:55 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
X-Cnection: close
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Fri, 28 Oct 2022 00:08:55 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=31223599&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31223599%26t%3D1

0
1018 B

23ms
23ms

Script
application/javascript

185.89.210.212
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31223599%26t%3D1

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

HTTP/1.1

Server

185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:54 GMT
AN-X-Request-Uuid: 60f21099-a5aa-4de7-b007-426be629f42b
Server: nginx/1.21.3
Content-Type: application/javascript; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:54 GMT
AN-X-Request-Uuid: 97ca4545-f45a-45c0-b802-ba943edb2f96
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D31223599%26t%3D1
Connection: keep-alive
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 120ms
28ms Script
application/x-javascript 2600:9000:225a:5600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225a:5600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sat, 29 Oct 2022 23:30:35 GMT
content-encoding: gzip
via: 1.1 2290762b4070c2faf5e496f8e496e184.cloudfront.net (CloudFront)
last-modified: Sat, 29 Oct 2022 23:30:25 GMT
server: Jetty(9.3.29.v20201019)
x-amz-cf-pop: TXL50-P1
age: 2299
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: iBNj4Wy7XaDZO00dndJAgV7h_w80lU9sGx4oOynZsZ_U6w3TiHhFhg==
expires: Sun, 30 Oct 2022 00:30:35 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/he-gets-us/ 79 KB
25 KB 502ms
430ms Script
application/javascript 18.66.122.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/he-gets-us/p13n.min.js
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-52.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e919d620187efd74face45013e224f300c61d5215c4d89397ef3d98d25547a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: Y7wjryCi21WubEJbgQzPKI0qS6i9Jift
Content-Encoding: gzip
Via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
Date: Sun, 30 Oct 2022 00:08:55 GMT
X-Amz-Cf-Pop: FRA60-P2
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 28 Oct 2022 04:09:41 GMT
Server: AmazonS3
ETag: W/"0c177f7d6b1138f5cc533eb931d31a4c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: gHna-yK1ZwnewgPPr3VkmD73UnWhqNzwtF2ukaFlc03zuW-2eCTCgQ==

GET
H3 200 /
www.google.com/pagead/1p-user-list/AW-10808808638/ 42 B
64 B 65ms
30ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-10808808638/?random=1667088534416&cv=9&fst=1667088000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2Fhegetsus.com%2Fen&tiba=Home%20-%20He%20Gets%20Us&async=1&fmt=3&is_vtc=1&random=4138643212&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/AW-10808808638/ 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-10808808638/?random=1667088534416&cv=9&fst=1667088000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2Fhegetsus.com%2Fen&tiba=Home%20-%20He%20Gets%20Us&async=1&fmt=3&is_vtc=1&random=4138643212&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK analytics.min.js Show response
cdn.bttrack.com/js/15951/analytics/1.0/ 599 B
696 B 29ms
29ms Script
text/javascript 69.16.175.42
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/js/15951/analytics/1.0/analytics.min.js
Requested by: Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/universal/44940
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: 29d772f213a2c3c8c93ef568dc8d4c53891753ea66de1c3c3cd1b2062eab137c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:54 GMT
Content-Encoding: gzip
X-HW: 1667088534.dop228.lo4.t,1667088534.cds320.lo4.shn,1667088534.dop228.lo4.t,1667088534.cds043.lo4.c
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=60019
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 368

GET
H2 200 2446
bttrack.com/Pixel/Retarget/ 35 B
263 B 330ms
109ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Retarget/2446
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:37 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2

200

b=99875872
bcp.crwdcntrl.net/5/ct=y/c=6411/
Redirect Chain

https://bttrack.com/Pixel/Conversion/15951/default?type=img
https://bcp.crwdcntrl.net/5/c=6411/b=99875872
https://bcp.crwdcntrl.net/5/ct=y/c=6411/b=99875872

49 B
277 B

57ms
56ms

Image
image/gif

52.19.32.187
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6411/b=99875872
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Server: 52.19.32.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-32-187.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.11
content-length: 49
x-consent: absent

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=6411/b=99875872
cache-control: no-cache
x-server: 10.45.1.5
content-length: 0
expires: 0

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 258 B
1 KB 175ms
149ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21516988&conversations-embed=static-1.11084&mobile=false&messagesUtk=b02e5c06aca34aa28c7ab965fed18829&traceId=b02e5c06aca34aa28c7ab965fed18829

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07f2ec40f0ff0a4e211f74eff00d806b94cfe269aaa0a821ef905250f98132e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: e990b4dd-7f36-4df9-bfa3-1b3f6fc7271a
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 203
server: cloudflare
x-trace: 2BDC6F61E0077005EFE3DFD9210B5D81A630F862EE000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://hegetsus.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQWTW4Z%2FuR%2FKqWQv1qlVD%2BGp3Efl%2F57TG2xHp4%2B2Ga4ZCHYOm0ZWkAYtge6z0S2QsEoP5bYWGPps9USsgz51cJ6nkU1q1aHDNppiT8u%2F%2BlZQ0reeQ777YWHAKNXZzBWPe%2BmjCReNrF0N6amhnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 761feb4e88269113-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 193ms
144ms Preflight
text/plain 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://hegetsus.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://hegetsus.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 761feb4d7ec391f9-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 30 Oct 2022 00:08:54 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR3I2OHAi6LeaED7qi10h9EkdBjCQhnjARBJAw9VyUTXlfmMO5gDFe25qpZxAc91QoFdp5ZrTJk3iHZMovn5CPs53WQ3oJ%2FYYpDvLufvANV4ZTI8PcqUc2qG0%2FLL7eoh9ry2ETKS2yJjvXuhxA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 532a4219-9d5e-4076-afaf-c5e46f2fd158
x-trace: 2B8B010F18DC6B2F382F57B46A645A0C1357F24CE7000000000000000000

GET
H2 200 js Show response
bttrack.com/engagement/ 10 KB
4 KB 298ms
111ms Script
text/javascript 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/js?goalId=15951&cb=1667088534586
Requested by: Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15951/analytics/1.0/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: c766798375aeb87dcd478eecae5d4eca5b662643689cb325e1684c28b728d529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:37 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/javascript; charset=utf-8
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
expires: -1

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 36ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=424477035833877&ev=PageView&dl=https%3A%2F%2Fhegetsus.com%2Fen&rl=&if=false&ts=1667088534600&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1667088534500.1676710062&it=1667088534264&coo=false&tm=1&rqm=GET

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK ca.html Show response
20841567p.rfihub.com/ Frame 9338 3 KB
3 KB 268ms
29ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20841567p.rfihub.com/ca.html?ver=9&rb=46834&ca=20841567&_o=46834&_t=20841567&pe=https%3A%2F%2Fhegetsus.com%2Fen&pf=&ra=5202096987624234
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 98724bf51124982e577eb8196150b76bce0de0a7cd927fed56eb15c696a53920

Request headers

Referer: https://hegetsus.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2610
Content-Type: text/html;charset=utf-8
Date: Sun, 30 Oct 2022 00:08:54 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H3 200 web Show response
edge.fullstory.com/s/settings/o-1CMJBP-na1/v1/ 4 KB
1 KB 399ms
366ms XHR
application/json 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/o-1CMJBP-na1/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 223c861ca18298789ace6b3a62293f52dec025db663c6ec501756c797b86e805

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdud4NO12PCrF2CKmd-jOCyI8fwb1HV4tyG4TRLUCxGu3kAC_syVii4RPtifhminBEDbms3S02_ryNmQ90m1DcvxAQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1217
last-modified: Sun, 30 Oct 2022 00:08:08 GMT
server: UploadServer
etag: "1aa0461190ef85953c2144f3900dd2a1"
x-goog-generation: 1667088488861447
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Z8RA8Q==, md5=GqBGEZDvhZU8IUTzkA3SoQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1217
accept-ranges: bytes
expires: Sun, 30 Oct 2022 00:23:54 GMT

GET
H3 200 ProximaNovaBold.otf
hegetsus.com/fonts/ 62 KB
41 KB 190ms
190ms Font
font/otf 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/fonts/ProximaNovaBold.otf

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer: https://hegetsus.com/_next/static/css/b34ae27a4a7ab0a7.css
Origin: https://hegetsus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"f940-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: font/otf
cache-control: public, max-age=0
x-envoy-upstream-service-time: 13
cf-ray: 761feb4f0931bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 en
hegetsus.com/ 55 KB
55 KB 178ms
178ms Image
text/html 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/en

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 30 Oct 2022 00:08:54 GMT
server: cloudflare
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
x-envoy-upstream-service-time: 19
cf-ray: 761feb4f1944bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 arrowBefore.svg
hegetsus.com/ 827 B
994 B 151ms
150ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/arrowBefore.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

270c8a59ad9b9c6e82b468f77e8e025c7e31c7a15d8a1ca86420bfb3e32f375e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"33b-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 6
cf-ray: 761feb4f1947bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 arrowNext.svg
hegetsus.com/ 305 B
709 B 169ms
167ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/arrowNext.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

fbc21ba11f113e22e07da91847ec94041e8a02beaf6f3ea7798c531ce700f320

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"131-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 3
cf-ray: 761feb4f1949bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 shop1.png
hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/ 33 KB
33 KB 634ms
249ms Image
image/png 35.223.93.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/shop1.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.223.93.255 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.93.223.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7b667a26489074fc276afb22946b4eaa5e2cab44b3a647079821d30d9210fc1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
last-modified: Wed, 31 Aug 2022 21:19:10 GMT
server: nginx
etag: "630fd04e-842a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 33834

GET
H2 200 shop2.png
hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/ 34 KB
34 KB 758ms
373ms Image
image/png 35.223.93.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/shop2.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.223.93.255 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.93.223.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3308bdcdb0cbd7668a7d70204ebbd50b2ec8a8a5c85c5d21de77c9fd9f3d66e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
last-modified: Wed, 31 Aug 2022 21:19:10 GMT
server: nginx
etag: "630fd04e-8895"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 34965

GET
H2 200 shop3.png
hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/ 38 KB
38 KB 758ms
373ms Image
image/png 35.223.93.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hegetsus1dev.wpengine.com/wp-content/uploads/2022/08/shop3.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.223.93.255 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.93.223.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e487ce5433a37fd86208670ef74a36ae89ea3454ecc8707fc996cee04185f321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
last-modified: Wed, 31 Aug 2022 21:19:07 GMT
server: nginx
etag: "630fd04b-98a2"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 39074

GET
H2 200 shop5.png
hegetsus1dev.wpengine.com/wp-content/uploads/2022/10/ 35 KB
35 KB 758ms
373ms Image
image/png 35.223.93.255
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hegetsus1dev.wpengine.com/wp-content/uploads/2022/10/shop5.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.223.93.255 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 255.93.223.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d67cf70b18044a0f739304aefe60cd616634fac567180398e1524ac22a5c8513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
last-modified: Tue, 04 Oct 2022 17:01:03 GMT
server: nginx
etag: "633c66cf-8bbc"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 35772

GET
H3 200 Thumbnail.png
content.hegetsus.com/wp-content/uploads/2022/10/ 82 KB
83 KB 69ms
36ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/10/Thumbnail.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c4dba89272fdf4369837371cc8cf95d3c40d359b3f3d8be37ffbebcc47625fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3033
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 84231
cf-bgj: imgq:100,h2pri
last-modified: Mon, 10 Oct 2022 16:12:23 GMT
server: cloudflare
etag: "63444467-14907"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0hw2CClbyNyALIo7vbk6bIlMUJZA9YWR4ZS7dRSnRhkxSFzgBx3ecMYYCA4NxUP8luD7NkhkxM%2FDOyrCpExM2mdaLZXKQJSdjKaWk1u45BTVCSV56MyfbXw8XFN2XJnIEDxLb%2Bv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f69f7d3bb-CDG

GET
H3 200 Artboard-1-copy-2.png
content.hegetsus.com/wp-content/uploads/2022/10/ 92 KB
92 KB 610ms
577ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/10/Artboard-1-copy-2.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e496dc4a36cd00517a422fd0347d82320ab7280cf3f37340de03342d3da43b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Oct 2022 18:44:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "633c7f24-16eed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLuxE8Zp%2FviVFTgrVv2J2GZ2wes7g0RDiE1B3QRQIGcr1e2zZYENDVvuZL8aqM8JpriqIRT1rp6%2F8RNVJ6lVIqNO6wt9iIB3QaQ0pU85aquxbCiKJzbneOkSLYUbKAJHBqjmalHs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f69fad3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93933

GET
H3 200 Artboard-1-1.png
content.hegetsus.com/wp-content/uploads/2022/10/ 102 KB
103 KB 654ms
621ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/10/Artboard-1-1.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ab48b971010d2d8887a324917b320ca2af8b95a0845fca658a81c0cabcc44a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 03 Oct 2022 21:28:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "633b53ed-199d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNZeqmz3TBna8%2BT%2Fdx11J2wij967xUx4jBXCIP%2FjbvNHi4hBCaN3nDCFrA1s7hyRSnmIsr49xAQsGTBJ7r0zVoOr%2Fw1a0RoZnAH9CPF2CYT2SWhY1GAvFqU0O4LjhHknpv1odcLY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f69fed3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 104916

GET
H3 200 thumb-Jesus-invited-everyone-to-sit-at-his-table.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 67 KB
68 KB 582ms
549ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Jesus-invited-everyone-to-sit-at-his-table.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe43a988fe646fc0a1cc7526c657056c6e80fc3f923a7412ac165e921c45e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-10cc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7Ps7ChHvTObbzTVDZs5aeEJX2bDVW8M8KZaE7MXvVAdRxirnH1qeJNIvsjBWofitp%2FQRIk%2BgyFDWv7Fgztwp40LeN7CdGhvQEX7eQfsoElRfM6NF%2BBbcdqGllXXuWmV%2Fe%2F%2FUeJ5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f6a01d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68801

GET
H3 200 cam.svg
hegetsus.com/ 874 B
921 B 155ms
154ms Image
image/svg+xml 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hegetsus.com/cam.svg

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

6c7cc80e0dacba4e581b2fbc9010c4ee48fc5d8b3cf00328abe696334a1764f1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

Referer: https://hegetsus.com/_next/static/css/84d6bd0484d96b9d.css
Origin: https://hegetsus.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
etag: W/"36a-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=0
x-envoy-upstream-service-time: 2
cf-ray: 761feb4f396cbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 thumb-Did-Jesus-face-criticism.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 61 KB
61 KB 583ms
550ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Did-Jesus-face-criticism.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21335b4b23907b2303b3e06943f13e24cc192699d3fb5f1b388a604676214c46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163544-f314"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPWYIHXVS2MEGbe3QVdAyVjVswLAM03WNInG%2BcS%2Bl1Go4b9GkY9MFNiZXapYS3q1Zc%2FTJROsHB0aZ0gXDjoHU%2BD8%2BzjNl5S5hB4Q9ejUaankTGjnDWjZ%2Bfm7I0SOtdjLLczBRZZ6"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f69fdd3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62228

GET
H3 200 judged-mobile.png
content.hegetsus.com/wp-content/uploads/2022/08/ 109 KB
109 KB 612ms
580ms Image
image/png 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/judged-mobile.png
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6fbf3dffbfd25be712f2d5d50e5ef05ae98a6b1bf37736820847d7b800ca4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Sep 2022 23:43:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63192ca9-1b282"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krs%2FRfvaXiJWzLh7DTS55mOR4Rypjwio8JVy1zi9HvlnqELUlM7o3OnIq5IXH3gjipJJEOYekrQSPKMixNMbzqr4O9VK%2BOX6lfna9sjM9NLTKQaY6wbC4Jc4Ql4E7M2EgLqsNpcv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4f69fcd3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 111234

GET
H3 200 140-0cb664bd1d2f1a3f.js
hegetsus.com/_next/static/chunks/ 0
9 KB 27ms
26ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/140-0cb664bd1d2f1a3f.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114649
etag: W/"74e8-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4f99eebb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %5Buri%5D-92b389689dc6f002.js
hegetsus.com/_next/static/chunks/pages/ 0
3 KB 24ms
23ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/%5Buri%5D-92b389689dc6f002.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16213
etag: W/"1938-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4f99f0bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %5Bslug%5D-39b0c49844a98105.js
hegetsus.com/_next/static/chunks/pages/topics/ 0
2 KB 25ms
25ms Other
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/topics/%5Bslug%5D-39b0c49844a98105.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:54 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16213
etag: W/"b50-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 19
cf-ray: 761feb4f99f3bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 event Show response
bttrack.com/engagement/ 0
226 B 322ms
110ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215951%22%2C%22sessionId%22%3A%22c7e569f9-55d8-4bc8-ab60-21cf5d96bfee%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fhegetsus.com%2Fen%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15951&cb=1667088534586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:37 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/plain
access-control-allow-origin: *
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 0
expires: -1

GET
H2 200 getpixels Show response
bttrack.com/engagement/ 0
34 B 322ms
111ms XHR
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/getpixels?gid=15951
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15951&cb=1667088534586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:37 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/html
access-control-allow-origin: *
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 0
expires: -1

GET
H3 200 thumb-How-did-Jesus-deal-with-injustice.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 64 KB
64 KB 557ms
557ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-How-did-Jesus-deal-with-injustice.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd50ff3ff374f65d1e16c3f66cb6ce969d10dff915bbc42eb31358f4c5f706b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-fe10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXh6vbt5sTKaV59C58PAqzR73J04gil8OgOoxfCqEMMZrW6KnSX2ih4dK%2FZ%2FdS%2BNpWBV3sta4gZvc9dV4cR4mXfIcyJAMtpZkNTeuLL0o%2Bk8AaEHeLWi2%2Bce3fPo0ZfPmIDHYM2E"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda5dd3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65040

GET
H3 200 thumb-Did-Jesus-have-fun.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 73 KB
74 KB 584ms
582ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Did-Jesus-have-fun.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c5b542f35ba2680e0d3b8b2598eb161e9bfa5df6cf236452ebd2a49f9ff9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163544-124cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2F92nTFVzX5%2FBXEH9v1kJX%2BO8%2FgkKf2VQFFNU8Odn56sEPTVxGecstCBo7kxUjynlbLO3PO4RMsI9FoRISoFJRDF1RgIvLnoQyV%2FlvZ%2BCb1voHTd%2BgH9qDo2uXSUNktuUBdJ1a3v"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda63d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74955

GET
H3 200 thumb-Did-Jesus-struggle-to-be-a-good-role-model.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 93 KB
93 KB 559ms
557ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Did-Jesus-struggle-to-be-a-good-role-model.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b21404c692edfa998329f4841526b2ff12abfd24de77132bd3a0c7e3ec91d5b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-17270"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo2yAlh94lYvRVdIUsQAG4TRjtynvCIpI70kNO04Kej5bBSVKytaqQOz%2BSRn2kVPqhkHvbGMvlUv2qFsdm8MJOq%2F6RUhC28x3%2BrCWCklQP2CgezOKUZ7R2SRy0ZMOhyOYa7oMsU7"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda64d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94832

GET
H3 200 thumb-was-jesus-ever-lonely.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 65 KB
66 KB 557ms
556ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-was-jesus-ever-lonely.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a016d3cc314d2c3502a258c0238a8f2d197ea27bf244499bbcd419a12092447f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-104f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ1hZTpm%2BtJV1zsvLCCcJl1U%2FvC9Gcm%2FBP0U%2BQFaVhwZ4dYewPXUIEgQFYrygvNgNIY6imc%2B0cpCsUJjqO1n0P0REbA4ShcGC%2BL3wmPz9fFyl%2FGeVQ%2Fq%2FdLupzx4qbe6O6aFOFPk"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda65d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66802

GET
H3 200 thumb-What-would-Jesus-think-of-teen-moms.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 42 KB
43 KB 583ms
581ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-What-would-Jesus-think-of-teen-moms.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b4572d3a4c5e15a4784258a7353d4fa039bcf5115ca38d2e427caf1dfd6039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-a82f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqoRcvZRyHGZdVHd%2BEuTHZKCkGpsO%2Fikai6fod1kCY%2FewGzgvNDifcYJQJfVzj3ZEUl%2BvInz%2B%2FBt9k%2FTh62YMGq%2B40qADUWd%2F2U4pBii7ria2RQEN5ZMOCrWSQvKnrjXEPIYPwWZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda66d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43055

GET
H3 200 thumb-Was-Jesus-ever-stressed.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 41 KB
41 KB 585ms
584ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Was-Jesus-ever-stressed.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: edc44a17354992cb12430c3ea1fa6a6915d8268767ff800a739dfe883f0ea935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-a3ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDvQquEy5xT08SfxvM%2FqTG%2BntT5fYzkmk1DdyGU3lesaIew8hgH%2FFQp0b9yrjaAj8okZZbpKxqK%2BLq9miO2sygM03xalESMjE8gPFMZMcggMatglrsrqWkdamyIDwWhoJ4tNnxY1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda68d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41901

GET
H3 200 thumb-Did-Jesus-live-in-poverty.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 73 KB
74 KB 587ms
585ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Did-Jesus-live-in-poverty.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e34252fd53708409d2e828b84dec33cd9aedfc50afe539d9620b2c734ca524f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-1247b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuzGLqNPm2NrZNOeuQ2K5B1WFJuhsJjZVWwWAmoi6tU1mnQP9x7iH5v4iR8qwXRV53qB7GB%2Bw6Tf81e%2F3e58Egd0jqDL04bqL952rQz0e25VgKDHEuOIDGUeoEPqcCLeFHOj2DXN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda69d3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74875

GET
H3 200 thumb-Why-did-Jesus-cry.jpg
content.hegetsus.com/wp-content/uploads/2022/08/ 56 KB
56 KB 610ms
609ms Image
image/jpeg 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.hegetsus.com/wp-content/uploads/2022/08/thumb-Why-did-Jesus-cry.jpg
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eadb5ecc285c92bca70a1d42e8970100be9297bd35f407081802c5d23c47f95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Sep 2022 17:43:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63163545-df99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=371%2Bcx%2FbBZJxkYFUMl2PRwonnnIiwy5ia3WIhPIhv51ejnwfLqiSAD6H7cm5zg7%2Bq4qeayKzCteIXCnjFTP0GrZ6WSOAdtIOWM0U7UbqhGzz7BCbGUeUMk2t3rLGpIU2le7NiWNi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 761feb4fda6ad3bb-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57241

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 9338
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzNDQ1NTQxOTY2ODg0ODE3Ng==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJ09SSnii8siDepEDNAbMjE&google_cver=1

42 B
1007 B

94ms
24ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJ09SSnii8siDepEDNAbMjE&google_cver=1
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 30 Oct 2022 00:08:55 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEJ09SSnii8siDepEDNAbMjE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 9338 43 B
1007 B 176ms
23ms Image
image/gif 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5134455419668848176

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:55 GMT
AN-X-Request-Uuid: b9b20351-9f88-40f8-a609-55803dca81ae
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 9338 0
239 B 192ms
17ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5134455419668848176&
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 9338
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5134455419668848176&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419668848176&redir=

42 B
942 B

41ms
41ms

Image
image/gif

54.194.129.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419668848176&redir=

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

HTTP/1.1

Server

54.194.129.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-129-15.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-09e3db1c5.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rtpzVieQQeE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-00c503e2b.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: g6UF24OVTy0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5134455419668848176&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 9338
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5134455419668848176&bid=omt9pi0

0
344 B

73ms
16ms

Image
text/plain

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5134455419668848176&bid=omt9pi0
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:55 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5134455419668848176&bid=omt9pi0
Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9338 45 B
617 B 233ms
72ms Image
image/gif 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5134455419668848176

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 30 Oct 2022 00:08:55 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Sun, 30 Oct 2022 00:08:55 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 9338 0
104 B 20ms
17ms Image
text/plain 18.192.223.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.223.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-223-154.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame 9338
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5134455419668848176&referrer=https%3A%2F%2Fhegetsus.com%2Fen
https://p.rfihub.com/cm?pub=39342&in=0&userid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Db1572ca7-cd05-43f3-b043-6a8b45c...
https://idsync.rlcdn.com/501709.gif?partner_uid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448

0
9 B

72ms
24ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448
Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 9338 43 B
109 B 430ms
151ms Image
image/gif 34.232.208.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5134455419668848176
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.232.208.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-232-208-82.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9338
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward=&C=1

43 B
766 B

17ms
16ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward=&C=1
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5134455419668848176&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame 9338 0
98 B 177ms
24ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419668848176
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 9338 43 B
191 B 328ms
169ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5134455419668848176

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires: Sun, 30 Oct 2022 00:08:55 GMT
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 9338
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419668848176&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419668848176&img=1&__user_check__=1&sync_id=0b1cdc8a-57e7-11ed-a60c-1ce730eb0106

43 B
548 B

25ms
25ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5134455419668848176&img=1&__user_check__=1&sync_id=0b1cdc8a-57e7-11ed-a60c-1ce730eb0106
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 21
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5134455419668848176&img=1&__user_check__=1&sync_id=0b1cdc8a-57e7-11ed-a60c-1ce730eb0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 9338 43 B
183 B 339ms
101ms Image
image/gif 2600:1f18:612b:4232:9c15:4654:b243:bd92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5134455419668848176&r=pKH39e7cAcv2
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:9c15:4654:b243:bd92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 30 Oct 2022 00:08:55 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 9338 43 B
377 B 169ms
38ms Image
image/gif 54.76.86.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5134455419668848176
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.86.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-86-77.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 9338 0
338 B 149ms
38ms Image
text/plain 54.194.97.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5134455419668848176
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.97.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-97-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n001-dub-prod.krxd.net
date: Sun, 30 Oct 2022 00:08:55 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1667088535
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 9338
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5134455419668848176&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419668848176&expires=30

43 B
495 B

17ms
17ms

Image
image/gif

18.194.110.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419668848176&expires=30
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 18.194.110.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-110-242.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5134455419668848176&expires=30
Date: Sun, 30 Oct 2022 00:08:55 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 9338
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Y13AlwAAAYs48gAO
https://p.rfihub.com/cm?in=1&pub=21653&userid=Y13AlwAAAYs48gAO&_test=Y13AlwAAAYs48gAO

42 B
1 KB

24ms
24ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y13AlwAAAYs48gAO&_test=Y13AlwAAAYs48gAO
Requested by: Host: hegetsus.com
URL: https://hegetsus.com/en
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20841567p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 30 Oct 2022 00:08:55 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn4050-HHN
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:55 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1667088535.483511,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Y13AlwAAAYs48gAO&_test=Y13AlwAAAYs48gAO
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 17ms
16ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390250656627131&ev=Microdata&dl=https%3A%2F%2Fhegetsus.com%2Fen&rl=&if=false&ts=1667088535020&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20He%20Gets%20Us%22%2C%22meta%3Adescription%22%3A%22He%20Gets%20Us%20is%20a%20movement%20to%20free%20the%20story%20of%20Jesus%20from%20hypocrites%20and%20extremists.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Home%22%2C%22og%3Adescription%22%3A%22He%20Gets%20Us%20is%20a%20movement%20to%20free%20the%20story%20of%20Jesus%20from%20hypocrites%20and%20extremists.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcontent.hegetsus.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fhgu-banner-home-eng-20221020-scaled.jpg%22%2C%22og%3Asite_name%22%3A%22He%20Gets%20Us%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fhegetsus.com%2Fen%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667088534500.1676710062&it=1667088534264&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 %5Bslug%5D-39b0c49844a98105.js Show response
hegetsus.com/_next/static/chunks/pages/topics/ 3 KB
2 KB 22ms
21ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/topics/%5Bslug%5D-39b0c49844a98105.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

18c14b0194185353fc0ccec8298d222b4a8f8b1f79ad2f1b297192ac7f1d4066

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16214
etag: W/"b50-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 19
cf-ray: 761feb4ffa4cbb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 88ba9901fc09f84d.css Show response
hegetsus.com/_next/static/css/ 18 KB
3 KB 25ms
24ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/88ba9901fc09f84d.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

dc23d15fe1341e674d02d382ee822e6f70a2372237defbb10ddff7ca9ae01cb4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16214
etag: W/"464f-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4ffa4ebb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 140-0cb664bd1d2f1a3f.js Show response
hegetsus.com/_next/static/chunks/ 29 KB
9 KB 25ms
25ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/140-0cb664bd1d2f1a3f.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

38cacf79a3100b93171c6ef9042388e394ac1e48af093efc7d6f4fd80871de49

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 114650
etag: W/"74e8-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4ffa50bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 %5Buri%5D-92b389689dc6f002.js Show response
hegetsus.com/_next/static/chunks/pages/ 6 KB
3 KB 26ms
25ms Script
application/javascript 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/chunks/pages/%5Buri%5D-92b389689dc6f002.js

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/_next/static/chunks/main-ccfab947c79712f4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

19f9fee9932f6c968f1466e130fdef77f654cbfd5e5cb111836b061b9940693d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16214
etag: W/"1938-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 4
cf-ray: 761feb4ffa53bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 a1fd29143301516c.css Show response
hegetsus.com/_next/static/css/ 21 KB
4 KB 26ms
25ms Fetch
text/css 141.193.213.30
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://hegetsus.com/_next/static/css/a1fd29143301516c.css

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

141.193.213.30 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare / WP Engine Atlas

Resource Hash

69603ddd2c8cfb2b459b2346fdeff1dcdc9cc5737d4b443dea2cce16c804276e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/en
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
server: cloudflare
age: 16214
etag: W/"52a8-49773873e8"
x-powered-by: WP Engine Atlas
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-envoy-upstream-service-time: 3
cf-ray: 761feb4ffa55bb4f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 / Show response
ariane.abtasty.com/ 43 B
64 B 57ms
25ms Fetch
image/gif 34.102.161.46
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

- /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:55 GMT
x-envoy-decorator-operation: -
via: 1.1 google
server: -
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://hegetsus.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ 144 B
459 B 456ms
122ms XHR
application/json 54.145.145.153
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiYjE1NzJjYTctY2QwNS00M2YzLWIwNDMtNmE4YjQ1YzFmZmI0OjE2NjcwODg1MzQuMzIxNjQ0OCJ9fQ%3D%3D&site_id=he-gets-us
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/he-gets-us/p13n.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.145.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-145-153.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8f0eb9745497c60312e9630f0308ac0f6e16be057f941b284fb0b30bb39f7a5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Sun, 30 Oct 2022 00:08:55 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 144

GET
H/1.1 200
OK / Show response
com-hegetsus.netmng.com/HEGETSUS/com/ 4 KB
2 KB 108ms
108ms Script
text/javascript 199.38.167.54
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://com-hegetsus.netmng.com/HEGETSUS/com/?vid=za9ycrdq9ihq2&referer=&browserPixelRatio=1&browserWidth=1600&browserHeight=1200&aid=6383&siclientid=&url=https%3A%2F%2Fhegetsus.com%2Fen&p1=1667088534.4069383&function=browser_check&r=5edeb1
Requested by: Host: com-hegetsus.netmng.com
URL: https://com-hegetsus.netmng.com/?aid=6383&siclientid=&url=https%3A%2F%2Fhegetsus.com%2Fen&p1=1667088534.4069383
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.38.167.54 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: openresty /
Resource Hash: 27bafb82039a364d3fe2d91a9a436224a769566fe95e1f0991d6dc73e46b0d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Oct 2022 00:08:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 28 Oct 2022 00:08:55 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
X-Cnection: close
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache, private
Expires: Fri, 28 Oct 2022 00:08:55 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 15ms
15ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=390250656627131&ev=IO_AUD&dl=https%3A%2F%2Fhegetsus.com%2Fen&rl=&if=false&ts=1667088535067&cd[AudienceId]=1780&sw=1600&sh=1200&v=2.9.89&r=stable&ec=2&o=30&fbp=fb.1.1667088534500.1676710062&it=1667088534264&coo=false&tm=2&rqm=GET

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 16ms
15ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=424477035833877&ev=Microdata&dl=https%3A%2F%2Fhegetsus.com%2Fen&rl=&if=false&ts=1667088535102&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20He%20Gets%20Us%22%2C%22meta%3Adescription%22%3A%22He%20Gets%20Us%20is%20a%20movement%20to%20free%20the%20story%20of%20Jesus%20from%20hypocrites%20and%20extremists.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Home%22%2C%22og%3Adescription%22%3A%22He%20Gets%20Us%20is%20a%20movement%20to%20free%20the%20story%20of%20Jesus%20from%20hypocrites%20and%20extremists.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcontent.hegetsus.com%2Fwp-content%2Fuploads%2F2022%2F10%2Fhgu-banner-home-eng-20221020-scaled.jpg%22%2C%22og%3Asite_name%22%3A%22He%20Gets%20Us%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fhegetsus.com%2Fen%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.89&r=stable&ec=1&o=30&fbp=fb.1.1667088534500.1676710062&it=1667088534264&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 224ms
188ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-1CMJBP-na1&UserId=6664139888939008&SessionId=6290759503335424&PageId=5788172540727296&Seq=1&PageStart=1667088534600&PrevBundleTime=0&LastActivity=4&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f9c5185daa073cbab8f57677b4d02988950134a6601092e84fe78eedac454338

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hegetsus.com
date: Sun, 30 Oct 2022 00:08:55 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

POST
H2 200 track Show response
events.api.boomtrain.com/event/ 2 B
200 B 343ms
120ms XHR
text/plain 52.45.50.76
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/he-gets-us/p13n.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.50.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-50-76.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 30 Oct 2022 00:08:55 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2
access-control-allow-methods: GET, PUT, POST, DELETE

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
895 B 183ms
140ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3865676674&v=1.1&a=21516988&pu=https%3A%2F%2Fhegetsus.com%2Fen&t=Home+-+He+Gets+Us&cts=1667088535774&vi=348d21330567f0865349ce16b3d6231f&nc=true&u=257663124.348d21330567f0865349ce16b3d6231f.1667088535770.1667088535770.1667088535770.1&b=257663124.1.1667088535770&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Sun, 30 Oct 2022 00:08:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4e12dd7f-2864-4f02-ae4a-36e9bfb9d858
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nY6mUhAyaptIuY0ZjmpqXlwbHihc43y1XLMd2UWcTI47UGULvPfxSpgnKOWuehU5yBLhPPedRnLz%2BsaXFrheuUsC0C7Qy8AQOvONweQ329KcPcmeV1XfsBkUx12%2B6eNMcSzwwjMzu%2B%2F9HkdSHTl%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 761feb54e98a9091-FRA
x-robots-tag: none

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 57ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-81D9T8QJTW&gtm=2oeaq0&_p=1645503403&cid=2108977737.1667088534&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dl=https%3A%2F%2Fhegetsus.com%2Fen&dr=&sid=1667088534&sct=1&seg=0&dt=Home%20-%20He%20Gets%20Us&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-81D9T8QJTW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 30 Oct 2022 00:08:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hegetsus.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
ariane.abtasty.com/ 43 B
64 B 25ms
24ms Fetch
image/gif 34.102.161.46
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: hegetsus.com
URL: https://hegetsus.com/en

Protocol

Security

QUIC, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

- /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 30 Oct 2022 00:08:59 GMT
x-envoy-decorator-operation: -
via: 1.1 google
server: -
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://hegetsus.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
content-length: 43
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 event Show response
bttrack.com/engagement/ 0
60 B 108ms
108ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215951%22%2C%22sessionId%22%3A%22c7e569f9-55d8-4bc8-ab60-21cf5d96bfee%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fhegetsus.com%2Fen%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15951&cb=1667088534586
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hegetsus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Sun, 30 Oct 2022 00:08:42 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: text/plain
access-control-allow-origin: *
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 0
expires: -1

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 222ms
217ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=o-1CMJBP-na1&UserId=6664139888939008&SessionId=6290759503335424&PageId=5788172540727296&Seq=2&PageStart=1667088534600&PrevBundleTime=1667088535426&LastActivity=4862&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: fd8fa04bf615fb39ff18fcbaf00a824fe46c5a8b385fe410ee5cd1dc305ea76d

Request headers

Referer: https://hegetsus.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://hegetsus.com
date: Sun, 30 Oct 2022 00:09:00 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

58 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 07:06:14	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.hegetsus.com/	1970-01-20 09:14:24	Name: _gcl_au Value: 1.1.1597333172.1667088534
.hegetsus.com/	1970-01-20 16:40:48	Name: initialTrafficSource Value: utmcsr_(direct)\|utmcmd_(none)
.hegetsus.com/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.hegetsus.com/	1970-01-20 07:06:14	Name: _gid Value: GA1.2.1242339093.1667088534
.hegetsus.com/	1970-01-20 07:04:48	Name: _gat_UA-59093344-1 Value: 1
.hegetsus.com/	1970-01-20 07:04:48	Name: _gat_UA-213919952-1 Value: 1
.bing.com/	1970-01-20 16:26:24	Name: MUID Value: 3A167B8449146B6A3FDF69C948146ADA
.serving-sys.com/	1970-01-20 09:14:24	Name: ActivityInfo2 Value: 1aFwd8Cn60_
.serving-sys.com/	1970-01-20 09:14:24	Name: u2 Value: a988176c-5359-43ac-b030-b4a23d28a17d4Jv060
.hegetsus.com/	1970-01-20 07:06:14	Name: _uetsid Value: 0a7377d057e711ed9cb05d79d40c4629
.hegetsus.com/	1970-01-20 16:26:24	Name: _uetvid Value: 0a73d13057e711ed86915b3f1a9514ed
.hegetsus.com/	1970-01-20 16:40:48	Name: _ga_81D9T8QJTW Value: GS1.1.1667088534.1.0.1667088534.60.0.0
.hegetsus.com/	1970-01-20 16:40:48	Name: _ga Value: GA1.1.2108977737.1667088534
.ispot.tv/	1970-01-20 16:40:48	Name: pt Value: v2:984993bdb6dc2276ba0dab0415ae11421cbaaf05f34a84a0c49b7ac8a2904b72\|a242cda22cd8600eb4029d87e36763d7537dd6c0c60d125cc2cb6ba1321a8147
.hegetsus.com/	1970-01-20 09:14:24	Name: _rdt_uuid Value: 1667088534431.8b7e29eb-2e19-41fe-979f-48203d9981cd
.rezync.com/	1970-01-20 11:24:00	Name: zync-uuid Value: b1572ca7-cd05-43f3-b043-6a8b45c1ffb4:1667088534.3216448
.hegetsus.com/	1970-01-20 09:14:24	Name: _fbp Value: fb.1.1667088534500.1676710062
.hegetsus.com/	1970-01-20 16:23:31	Name: ABTasty Value: uid=hqgw3mgqv1rp2v5y&fst=1667088534404&pst=-1&cst=1667088534404&ns=1&pvt=1&pvis=1&th=890494.0.1.1.1.1.1667088534411.1667088534411.1_893885.1113476.1.1.1.1.1667088534524.1667088534524.1_904872.1128396.1.1.1.1.1667088534528.1667088534528.1
.hegetsus.com/	1970-01-20 07:04:50	Name: ABTastySession Value: mrasn=&sen=3&lp=https%253A%252F%252Fhegetsus.com%252Fen
.hegetsus.com/	1970-01-20 16:34:35	Name: _scid Value: 143454df-8ce8-4ce4-83be-707cffe6c8a3
.snapchat.com/	1970-01-20 16:26:24	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlI0PIUx0Efp2B478ZBTYNKLqfYPSmRoMCLFT+X3d093KkRH6z1Ab/l2v4yAAAA
.adnxs.com/	1970-01-20 09:14:24	Name: uuid2 Value: 502355194133254517
.trkn.us/	1970-01-20 15:50:24	Name: barometric[cuid] Value: cuid_2ca89244-a21a-4cdc-a81c-58d97141548e
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQzs7AwsTA0NxPiM9T1S88KNjX387CsNM4BAFVo14olAAAA
.rfihub.com/	1970-01-20 16:26:24	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxtDQzs7AwsTA0NxPiM9T1S88KNjX387CsNM4BAFVo14olAAAA
.ipredictive.com/	1970-01-20 15:50:24	Name: cu Value: 81de363b-16ed-416a-bf15-886e09235e08\|1667088534910
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.hegetsus.com/	1970-01-20 15:50:24	Name: btIdentify Value: f1eedba9-d9f5-440e-c0ed-adb17639aa33
.hegetsus.com/	1970-01-20 07:04:52	Name: _bts Value: 75f3c29c-256c-422e-c1f2-a11bea89d6e0
com-hegetsus.netmng.com/	1970-01-20 11:28:19	Name: evo5_HEGETSUS Value: za9ycrdq9ihq2%7CO%7CV2pWTWNFeEJSRWRWYTJ4bFJVNVJUMWRsVFRseFRIcG5iM2d5VEdWSGEyY3JVbkJYUTFGVGNFeEJlblY2SzNWbGFsaHZMMlJGZUZoRWMwRlVVV2h4VUZBMFMyb3dkazV5TTNRMlZtMU5OblJoVmtadVZrcENVRlEyYzFJNVQxbE9XR2xuYjB0dmFXTk5VMloyY2tKQlNtTlphRVV6Y1dGcFNXZFJUSFkyTUVsRmJsWlBiR05GYVV4Q01WcExTR3AzVlV0WFpYaDBjMVEyYUUwd1pFNVZSSEpGY2psVmJqZG9iVTVYVW05dVVUSldaR1UxTWpKRVNXNXNjbEZFUm1abFpHWm1XWFlyWWxCWWJFSkNXblEwVWpGd01rOHdWRlUxUTIxUldGWnVkVVpKYXpKYWFFUjRPRWhDT0QwPTpBWVpUbFRlYWxuQ1ZDVEpDcklCK2lBPT0%3D
live.rezync.com/	1970-01-20 11:24:00	Name: sd-session-id Value: .eJwNylEOgyAMANC79FsWKm3puIwRhIRsskX0Z8a7z8-XvBOmb97WueW2Q9i3Iw-Q3vVWh3BCr781vyAAoyNiJnyKqJKiF7gG6Ln3-mlTXe4Tkf2YZm_SYtmQK85ES87IrJE4YSmRAop4q8qOHm5EIVK4_rfqJc8.Y13Alw._GvbJilU9QIOrW_FxHvxBOmyx5Y
.adnxs.com/	1970-01-20 09:14:24	Name: anj Value: dTM7k!M4/YErk#WF']wIg2GUcq1tEb!A#G).TOKQ9YfZ8=E'gDk^pd]jEXdcgkrwDe8=rZ=SR5/uO??J%nugO%v4VB%nmO/(57*f
.casalemedia.com/	1970-01-20 15:50:24	Name: CMID Value: Y13Al-KTCcE.ubrJBNNAvwAA
.casalemedia.com/	1970-01-20 09:14:24	Name: CMPS Value: 1157
.casalemedia.com/	1970-01-20 09:14:24	Name: CMPRO Value: 1157
.doubleclick.net/	1970-01-20 16:26:24	Name: IDE Value: AHWqTUlM26dap1HAjISQmBLfvS5yxoaEyGe4W7uv5zpozSuGmMpOEVhAvQVio0ktq0k
.media.net/	1970-01-20 15:50:24	Name: visitor-id Value: 3100901359110968000V10
.media.net/	1970-01-20 15:48:58	Name: data-rk Value: 5134455419668848176~~3
.hegetsus.com/	1970-01-20 15:50:24	Name: fs_uid Value: #o-1CMJBP-na1#6664139888939008:6290759503335424:::#/1698624534
.hegetsus.com/	1970-01-20 15:50:24	Name: fs_cid Value: 1.0
.demdex.net/	1970-01-20 11:24:00	Name: demdex Value: 28192325537942261000360266641277690649
.eyeota.net/	1970-01-20 07:04:49	Name: SERVERID Value: 18620~DM
.dpm.demdex.net/	1970-01-20 11:24:00	Name: dpm Value: 28192325537942261000360266641277690649
.krxd.net/	1970-01-20 11:24:00	Name: _kuid_ Value: PKvdhK8J
.bidswitch.net/	1970-01-20 15:50:24	Name: tuuid Value: d6c33882-e2b1-4115-87a9-208f987f4a61
.bidswitch.net/	1970-01-20 15:50:24	Name: c Value: 1667088535
.bidswitch.net/	1970-01-20 15:50:24	Name: tuuid_lu Value: 1667088535
.spotxchange.com/	1970-01-20 07:45:07	Name: audience Value: 0b1cdc3a-57e7-11ed-a60c-1ce730eb0106
.everesttech.net/	1970-01-20 15:50:24	Name: everest_g_v2 Value: g_surferid~Y13AlwAAAYs48gAO
.hegetsus.com/	1970-01-20 15:50:24	Name: _bti Value: %7B%22app_id%22%3A%22he-gets-us%22%2C%22bsin%22%3A%22apvR6jV%2Fw3Xneg%2B19jUi18dbns9t%2BsBiZoFH08m16CI9ckGIJEV%2F1xLJiEhzq%2FD4jldGVOA0guau%2FiiCdg%2BPsA%3D%3D%22%2C%22is_identified%22%3Afalse%7D
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129TKwDA7Oy8y0KM50SS1wdfFzTPLNcl3FKBBpaOyYU-7o6BhZbGKR7ugPAH5jeGoxAAAA
.rfihub.com/	1970-01-20 16:26:24	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129TKwDA7Oy8y0KM50SS1wdfFzTPLNcg3iNTQzMzewsDA1NjWyNJzFiOCbWBoZrELjn0Ljv0Lj_0LjT2JC5c9C4y9C469C429C4-9CV8-Cyr-Fxl_EKhBpaOyYU-7o6BhZbGKR7ui_ihXJy6YGpptY0azgRvMSGn-RMCr_ERofAD8y8ndwAQAA
hegetsus.com/	1970-01-20 11:24:00	Name: __hstc Value: 257663124.348d21330567f0865349ce16b3d6231f.1667088535770.1667088535770.1667088535770.1
hegetsus.com/	1970-01-20 11:24:00	Name: hubspotutk Value: 348d21330567f0865349ce16b3d6231f
hegetsus.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
hegetsus.com/	1970-01-20 07:04:50	Name: __hssc Value: 257663124.1.1667088535770
.hubspot.com/	1970-01-20 07:04:50	Name: __cf_bm Value: 91q5e2e5Gb4wS1.wbMd9pOV2UThWzNwgTlORBJ4vM2k-1667088535-0-ARyw5CxZe2yLoFLHXTim5WThiritS2P5v7nJ0HXDLVdbJhfACYMlm8qAWQRy4XrHu0nI6dhVSEsstUiT4eo2Gis=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5134455419668848176 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=b1572ca7-cd05-43f3-b043-6a8b45c1ffb4%3A1667088534.3216448 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20841567p.rfihub.com
a.rfihub.com
aa.agkn.com
ad.ipredictive.com
ajax.googleapis.com
alb.reddit.com
api-data-connector.abtasty.com
api.hubspot.com
ariane.abtasty.com
bat.bing.com
bcp.crwdcntrl.net
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
bttrack.com
c1.rfihub.net
cdn.boomtrain.com
cdn.bttrack.com
cm.g.doubleclick.net
com-hegetsus.netmng.com
connect.facebook.net
content.hegetsus.com
contextual.media.net
dcinfos-cache.abtasty.com
dpm.demdex.net
dsum-sec.casalemedia.com
edge.fullstory.com
events.api.boomtrain.com
googleads.g.doubleclick.net
hegetsus.com
hegetsus1dev.wpengine.com
ib.adnxs.com
idsync.rlcdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
js.ipredictive.com
js.usemessages.com
live.rezync.com
p.rfihub.com
partners.tremorhub.com
people.api.boomtrain.com
pixel.rubiconproject.com
ps.eyeota.net
pt.ispot.tv
region1.analytics.google.com
rs.fullstory.com
sc-static.net
secure-ds.serving-sys.com
secure.adnxs.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tr.snapchat.com
track.hubspot.com
trkn.us
try.abtasty.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.redditstatic.com
x.bidswitch.net
x.dlx.addthis.com
141.193.213.11
141.193.213.30
142.250.186.130
142.250.186.162
151.101.194.49
151.101.2.132
151.101.65.140
18.192.223.154
18.194.110.242
18.66.112.13
18.66.112.34
18.66.120.247
18.66.122.52
18.66.122.94
185.80.39.216
185.89.210.212
185.89.210.82
185.94.180.126
192.132.33.46
193.0.160.128
199.38.167.54
2.16.238.137
2001:4860:4802:34::36
23.35.228.23
2600:1f18:612b:4232:9c15:4654:b243:bd92
2600:9000:225a:5600:1:76cf:fe80:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:43b0
2606:4700::6811:ba49
2606:4700::6811:d5cc
2606:4700::6811:edcc
2606:4700::6813:9a53
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:808::2008
2a00:1450:4001:810::2003
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42::396
3.122.214.165
34.102.161.46
34.107.143.101
34.232.208.82
35.186.194.58
35.190.43.134
35.201.112.186
35.223.93.255
35.244.174.68
52.19.32.187
52.45.108.227
52.45.50.76
54.145.145.153
54.194.129.15
54.194.97.242
54.76.86.77
54.82.219.205
69.16.175.42
69.173.144.139
69.192.160.219
0227e0e4dea130eb6f3163aa3ab03720dce83a0e219c282189b03bc5b8a727e3
034483fc6e188f0f0103ff2ac6ad6f1872a355f9d57b3c07dbe3ade221a4bb8c
08e2dd06a2623e00cb307c30ce4f24e386c1f8324a8d8fb92181b65a75a9ebbd
0bccd80751060354297223a0274808ceb3ee5c796384eec605c342559a1282cb
0d8a12d3764f192d1c1bbf514e958788df9e33876091d4640983dff866a71e70
0f77660e06a5f61a45c4dbdab511722357cf29e7f5ba1b2cf097550afdb0ed20
11c6717109577e5f58a2aceac09aaa8041a3d4db667362903ee47ca679ffd3b1
18c14b0194185353fc0ccec8298d222b4a8f8b1f79ad2f1b297192ac7f1d4066
19d21c07877ac0c462d451d3a2789318f0c2b239c7fef2236f1eb5084bce3098
19f9fee9932f6c968f1466e130fdef77f654cbfd5e5cb111836b061b9940693d
1c2bf8f497badde115c49c830aa44a4107ca53d966cfa59bbf35bc242ad5cf24
21335b4b23907b2303b3e06943f13e24cc192699d3fb5f1b388a604676214c46
223c861ca18298789ace6b3a62293f52dec025db663c6ec501756c797b86e805
270c8a59ad9b9c6e82b468f77e8e025c7e31c7a15d8a1ca86420bfb3e32f375e
2752516833d95c15aa10680a6fdd40dfc87a5ca5350ec8fea0317bdac0a4eceb
27bafb82039a364d3fe2d91a9a436224a769566fe95e1f0991d6dc73e46b0d7c
29d772f213a2c3c8c93ef568dc8d4c53891753ea66de1c3c3cd1b2062eab137c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fdf0bc645b1f658b9ed7deb8831ae8500b380e5977db18de8dd439cbd089397
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
343e318bcca305dc01124331523d7df03bc313f477523575d05df5d962c60b0a
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
38cacf79a3100b93171c6ef9042388e394ac1e48af093efc7d6f4fd80871de49
397c2cff914ba04842faf9e1453bd84633db8094b0597a971459297686fdf80d
3cd50ff3ff374f65d1e16c3f66cb6ce969d10dff915bbc42eb31358f4c5f706b
3e4340a38652063e82497764b2282a7849f22856c17af052368d44e455ab59f3
428a94e98f91a5680a171cdc7f01c2321778a4599e7ef8677f841147314bc8ce
437cb29b00c6e9fba3e3720954645b621092eef7d4e1e03845b3a58c924d5a08
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
476bc45ff8c29254d002b7948f859fb5c3bc06c0ec33ba3ac6ccb57411aae7e8
477ab4b51875ebc6032009a089decac8fa13678113532710f677b74aecba093d
491f93fffba5238bf69ac3dbd187ece8b493792f7675c96e5256f730a6c0c632
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5338571afeeb2dd831407d5cb6fec278508ac766952bac2c5e23c565e381c80f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bf301988816be0f83195ff867b987d3ac8e178395a862de9959092c5aa337d6
5cf640b8f085306658420c84374924cbd6c71a4a8d200cbf1ef384dee465ae21
5eadb5ecc285c92bca70a1d42e8970100be9297bd35f407081802c5d23c47f95
60c2f3a696ac625ae2a214a4c5f5c2c7a51982b5501146165e6d95350b8c7b4d
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
67fa22be9a14fe7ea92a7031849ae0bebdfd7aa7337c8ce8bfd445782d11bbb6
69603ddd2c8cfb2b459b2346fdeff1dcdc9cc5737d4b443dea2cce16c804276e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c7cc80e0dacba4e581b2fbc9010c4ee48fc5d8b3cf00328abe696334a1764f1
6e34252fd53708409d2e828b84dec33cd9aedfc50afe539d9620b2c734ca524f
6e919d620187efd74face45013e224f300c61d5215c4d89397ef3d98d25547a3
6ec05b1702cd59429a228f64a7c85492f49ddbd1ebfd6a4cdca76c78d84f4c94
716fb58ad47eaf2e58e33938c37a5d36a1781188c7fc71a74704b8ccefa1e024
725a7c3f25d19e7d60302c0a274b20289a3c8f8c8c7cdcdac558a78c2fc46ec2
75ad109a7be955c0bc1d8c97a29e6814ea45f13163f3bd931bde56ff41e8d992
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
7b667a26489074fc276afb22946b4eaa5e2cab44b3a647079821d30d9210fc1c
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
81d91a338a5fcf58b56459e79fa48cdbcfb6e52d96707e85c5ed3581adb80670
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ab48b971010d2d8887a324917b320ca2af8b95a0845fca658a81c0cabcc44a7
8f0eb9745497c60312e9630f0308ac0f6e16be057f941b284fb0b30bb39f7a5f
945624698e704557bfe0c345e56b8fe98a161f7c6cea738d76f5a346d5f44ea7
981d70456f3d9bbfd1a8586a957c83adede1e79da4519947aa7c3aa32b1b397b
98724bf51124982e577eb8196150b76bce0de0a7cd927fed56eb15c696a53920
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98dfdae0bc890aea5ea4a9e955d7cd7dade0272b731ddc4441294e15bd1f83c6
9c4dba89272fdf4369837371cc8cf95d3c40d359b3f3d8be37ffbebcc47625fe
9e45c7e9cf70c4ebbe573d00e3da2cd8ed6446e38a7b8305951fd7ba41734c0b
a016d3cc314d2c3502a258c0238a8f2d197ea27bf244499bbcd419a12092447f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3d1ee6dba1740907e52cf9fc741c9502d6964093a1d31d6d0ee602bf5fc937b
a6c5b542f35ba2680e0d3b8b2598eb161e9bfa5df6cf236452ebd2a49f9ff9e2
a8fff3b767d8729496cb9b302ec700130fd28755eef7f6c1ad9a9466201c1f5f
a9eeecb88a881d5d9211772ad6df8b3f15f04e31bd83255e747c9e304e8d9182
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce
ad1f5496e603da320a872f824b89529a418d57b7c060200a8a55cfdc6dbd88dd
b07f2ec40f0ff0a4e211f74eff00d806b94cfe269aaa0a821ef905250f98132e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21404c692edfa998329f4841526b2ff12abfd24de77132bd3a0c7e3ec91d5b5
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b3308bdcdb0cbd7668a7d70204ebbd50b2ec8a8a5c85c5d21de77c9fd9f3d66e
b36f049b39ca446197399407316d5eba758d3bbdb54c72e19cc7385ce73259d2
b3e496dc4a36cd00517a422fd0347d82320ab7280cf3f37340de03342d3da43b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6fbf3dffbfd25be712f2d5d50e5ef05ae98a6b1bf37736820847d7b800ca4d4
b9e81a47aecd3d05445ae775f48d08b3de46b2039f1d229a58a87be194e327ec
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
bef921d78a79645a165d82db6f3617aece4ee5b4a49912d327752dde5c833ed8
bfe43a988fe646fc0a1cc7526c657056c6e80fc3f923a7412ac165e921c45e87
c02c39312062b70db1e8c9eabafcd7adaec452805512fe73438d7249fe714172
c766798375aeb87dcd478eecae5d4eca5b662643689cb325e1684c28b728d529
c8b751342d1b12aaf8a1d0350a7a55dc090575fa555b554fe9c7be71d287d333
ca79531b35de5b1b4ca8360d5e8ddf33071ec08881717a5dc8c682346cfd79e2
ce6df16d26aec9364991b4b964b8a2e23ea150c3456fe19db40fe6538657ac47
d61856aa05b1fb15f64c64481b50cc3d94a1af1b627032ca4965452c90342518
d67cf70b18044a0f739304aefe60cd616634fac567180398e1524ac22a5c8513
d7ca90f5224456c5b0b3377d1dd87a5a96ee9f07b6b9ca0b86e4e757b3a0f50b
d9a10d631d51e724160672105e820441ada7d150b4b67e3941ca98781fedde16
dac4bf39930c87381df13eb2f9e3c1f8e8c4e96dbd84a276edd56c73161fc8b9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc23d15fe1341e674d02d382ee822e6f70a2372237defbb10ddff7ca9ae01cb4
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07332c72aa495bd9d3116164fe3ef3a9d7d3599d99f5ec612e43955b9e2de96
e33796c082c5afa46e755b33a9b2515adf5ad526ea1641460742a885e7203e8e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e487ce5433a37fd86208670ef74a36ae89ea3454ecc8707fc996cee04185f321
e4a7990208e308b7daac68cd412081588b1efe3940de2a8dc1aec7fcf74c8c7b
e4b4572d3a4c5e15a4784258a7353d4fa039bcf5115ca38d2e427caf1dfd6039
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e784a0b09b3586b9fa84e9ea693974d0bb467876e8416deda5ee7b93bc1c0604
ea1cb006df3c1f6440b990de572be3b3b5930394856d0d2c749471fdecf43a86
edc44a17354992cb12430c3ea1fa6a6915d8268767ff800a739dfe883f0ea935
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f016457c62586c46ba195f79701a295ecfe498244c641cbdfd92718dd01b7a51
f500dd9eecad6cb9e2ab85744a0057c0b678be56354fc4f778d508cf40f717e4
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
f9c5185daa073cbab8f57677b4d02988950134a6601092e84fe78eedac454338
f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3
fbc21ba11f113e22e07da91847ec94041e8a02beaf6f3ea7798c531ce700f320
fd8fa04bf615fb39ff18fcbaf00a824fe46c5a8b385fe410ee5cd1dc305ea76d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

hegetsus.com Open in urlscan Pro 141.193.213.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

175 Requests

94 %HTTPS

32 %IPv6

50 Domains

67 Subdomains

62 IPs

6 Countries

2855 kBTransfer

5617 kBSize

58 Cookies

5 Outgoing links

Page URL History

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hegetsus.com Open in urlscan Pro
141.193.213.30 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

94 %
HTTPS

32 %
IPv6

50
Domains

67
Subdomains

62
IPs

6
Countries

2855 kB
Transfer

5617 kB
Size

58
Cookies

175 HTTP transactions
1 data transactions