www.gha-associates.com Open in urlscan Pro
18.193.36.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.gha-associates.com/macrium-software-sitedeploy
Submission: On September 05 via api (September 5th 2023, 8:26:59 pm UTC) from US — Scanned from DE

Summary HTTP 90 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 15 domains to perform 90 HTTP transactions. The main IP is 18.193.36.153, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.gha-associates.com.
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.

This is the only time www.gha-associates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.193.36.153 18.193.36.153	16509 (AMAZON-02) (AMAZON-02)
12	143.204.9.48 143.204.9.48	16509 (AMAZON-02) (AMAZON-02)
17	108.138.7.63 108.138.7.63	16509 (AMAZON-02) (AMAZON-02)
1	3.67.22.251 3.67.22.251	16509 (AMAZON-02) (AMAZON-02)
11	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	18.66.112.80 18.66.112.80	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	174.129.188.71 174.129.188.71	14618 (AMAZON-AES) (AMAZON-AES)
2	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	108.156.0.36 108.156.0.36	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
6	52.21.134.232 52.21.134.232	14618 (AMAZON-AES) (AMAZON-AES)
90	21

3 18.193.36.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-36-153.eu-central-1.compute.amazonaws.com

www.gha-associates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.9.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-48.mxp64.r.cloudfront.net

irp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 108.138.7.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-63.fra56.r.cloudfront.net

static.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.22.251 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com

app.multiscreenstore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net

lirp.cdn-website.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.129.188.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-188-71.compute-1.amazonaws.com

tag.structuredweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.0.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-0-36.mxp63.r.cloudfront.net

d32hwlnfiv2gyn.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.gr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

gha-associates.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.21.134.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-134-232.compute-1.amazonaws.com

rtc.multiscreensite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	cdn-website.com irp.cdn-website.com — Cisco Umbrella Rank: 20373 static.cdn-website.com — Cisco Umbrella Rank: 20514 lirp.cdn-website.com — Cisco Umbrella Rank: 19778	625 KB
13	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2067 ekr.zdassets.com — Cisco Umbrella Rank: 2365	691 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	610 KB
6	multiscreensite.com rtc.multiscreensite.com — Cisco Umbrella Rank: 21484
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3238 www.google.com — Cisco Umbrella Rank: 2	34 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	220 KB
3	gha-associates.com www.gha-associates.com	60 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	88 KB
2	zendesk.com gha-associates.zendesk.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	21 KB
2	cloudfront.net d32hwlnfiv2gyn.cloudfront.net	19 KB
1	google.gr www.google.gr — Cisco Umbrella Rank: 24686	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 87	249 B
1	structuredweb.com tag.structuredweb.com
1	multiscreenstore.com app.multiscreenstore.com — Cisco Umbrella Rank: 99577	19 KB
90	15

	Domain	Requested by
17	static.cdn-website.com	www.gha-associates.com static.cdn-website.com
12	lirp.cdn-website.com	www.gha-associates.com irp.cdn-website.com
12	irp.cdn-website.com	www.gha-associates.com irp.cdn-website.com
11	static.zdassets.com	www.gha-associates.com static.zdassets.com
6	rtc.multiscreensite.com	static.cdn-website.com
6	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	static.cdn-website.com www.gstatic.com www.google.com
3	www.googletagmanager.com	www.gha-associates.com www.googletagmanager.com
3	www.gha-associates.com	static.cdn-website.com
2	cdnjs.cloudflare.com	static.cdn-website.com cdnjs.cloudflare.com
2	gha-associates.zendesk.com	static.zdassets.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	d32hwlnfiv2gyn.cloudfront.net	www.gha-associates.com
2	ekr.zdassets.com	static.zdassets.com
1	fonts.gstatic.com	www.google.com
1	www.google.gr	www.gha-associates.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	tag.structuredweb.com	www.gha-associates.com
1	app.multiscreenstore.com	www.gha-associates.com
90	20

This site contains links to these domains. Also see Links.

Domain
www.gha-ecommerce.com
twitter.com
linkedin.com
irp.cdn-website.com

Subject Issuer	Validity	Valid
www.gha-associates.com R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
multiscreensite.com R3	`2023-07-28` - `2023-10-26`	3 months	crt.sh
*.multiscreenstore.com Amazon RSA 2048 M01	`2023-02-10` - `2023-11-22`	9 months	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
structuredweb.com Amazon RSA 2048 M02	`2023-08-31` - `2024-09-27`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google.gr GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
gha-associates.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-30` - `2024-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.gha-associates.com/macrium-software-sitedeploy
Frame ID: 160C0BA6EBE1ED453FC63581ED77B4C9
Requests: 66 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: FB9D758D558D4525B9A645008B167680
Requests: 6 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Frame ID: 70A332FA990B5F8110044F504AB24D5A
Requests: 6 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz&co=aHR0cHM6Ly93d3cuZ2hhLWFzc29jaWF0ZXMuY29tOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=checkbox&cb=64wcujthwk8c
Frame ID: F0C9062735D5F4957486AFFDC3A7169D
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz
Frame ID: 0127027778A51875C1354F2B92B4A5F7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Macrium Software SiteDeploy

Detected technologies

Ecwid (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

https://app\.multiscreenstore\.com/script\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

90
Requests

100 %
HTTPS

45 %
IPv6

15
Domains

20
Subdomains

21
IPs

4
Countries

2389 kB
Transfer

7052 kB
Size

13
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gha-ecommerce.com/Login/main?fdestination=https:%2F%2Fwww.gha-ecommerce.com%2F%3F
Title: E-commerce

Search URL Search Domain Scan URL

URL: https://twitter.com/GHATechnologies

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/gha-technologies

Search URL Search Domain Scan URL

URL: https://irp.cdn-website.com/22eb0d38/files/uploaded/Macrium%20Reflect%20SiteDeploy%20Datasheet.pdf
Title: Click here to download the datasheet.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request macrium-software-sitedeploy Show response
www.gha-associates.com/ 330 KB
54 KB 71ms
14ms Document
text/html 18.193.36.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gha-associates.com/macrium-software-sitedeploy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.36.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-36-153.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fbe03b12661284828eb64167e3780c61b0c3e912c0b88a70835f929ea183a780

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 54863
content-security-policy: frame-ancestors 'self'
content-type: text/html;charset=utf-8
d-cache: from-cache
d-geo: EU
date: Tue, 05 Sep 2023 20:26:53 GMT
server: nginx
strict-transport-security: max-age=31536000; preload
vary: user-agent,accept-encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 css
irp.cdn-website.com/fonts/ 125 KB
3 KB 83ms
19ms Stylesheet
text/css 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9850fd95e095357d8c0bb62b4553a8ae9791acf507dc1ea7bde4bd1d5076bb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:35:48 GMT
content-encoding: br
via: 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MXP64-C1
age: 701465
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PMm58ZjEklqQTe6byW94QMiIthNdGVZftqg2AdOtOFu4wnWbgZosRw==

GET
H2 200 d-css-runtime-desktop-one-package-structured-global.min.css
static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/ 205 KB
26 KB 35ms
7ms Stylesheet
text/css 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51f94fd13c2ec9e06d335a967366c39401878a5f1e4166e269017c7f70901494

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:21 GMT
x-amz-version-id: fknzNVrPmexiqcPd.Aas_oRLWTX6jhth
content-encoding: br
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 33513
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:03 GMT
server: AmazonS3
etag: W/"5931ee78a201d22aa2f29fc63164f6b2"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: srot0TbCHyZXmt1VhjtoRYfBjvXB2Fpr9NYGPPhygPuqvLnSriARiw==

GET
H2 200 dd454f04bdb6b97b132f42e362bc3722.css
irp.cdn-website.com/WIDGET_CSS/production_3732/ 28 KB
5 KB 87ms
24ms Stylesheet
text/css 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/WIDGET_CSS/production_3732/dd454f04bdb6b97b132f42e362bc3722.css
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81dc46e91d130a3f91f7ea1891b763142f469f1bdba536af7591c7eb133cbb70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:10:45 GMT
x-amz-version-id: LAR0CLuofE.AFe9vraeSPVtyPIfo0Zv.
content-encoding: br
via: 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
age: 33369
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 11:08:17 GMT
server: AmazonS3
etag: W/"878e9b8fafafb1188f78a08b5447bf8c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: bmNX7SQR_w9DIj2uyL_JmHL22YhKYluydA3PqQ_4JiT7NDZDIsA5Lw==

GET
H2 200 22eb0d38_1.min.css
irp.cdn-website.com/22eb0d38/files/ 552 KB
49 KB 95ms
32ms Stylesheet
text/css 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/22eb0d38/files/22eb0d38_1.min.css?v=218
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7a49a76d85312d8987fa0a45950fe65e1fb5efca87cfcbba7db1d81960af45a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:30:40 GMT
x-amz-version-id: I1HkgWC_xq8Uzdu.69_p5S1NLA1VUiPH
content-encoding: br
via: 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
age: 3374
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 18:02:47 GMT
server: AmazonS3
etag: W/"95ffba1647265dd3f7ae8afe081eb27f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
x-amz-cf-id: vOS3XgwCnmGsJKrTmmGdniF0Kvm7AOQtcX88zEXYANk47xGBYDXcCg==

GET
H/1.1 200
OK script.js
app.multiscreenstore.com/ 0
19 KB 417ms
290ms Other
text/javascript 3.67.22.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app.multiscreenstore.com/script.js?88979573
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date: Tue, 05 Sep 2023 20:26:53 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"-10706415"
Transfer-Encoding: chunked
Access-Control-Max-Age: 600
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private,must-revalidate,max-age:3
Vary: Accept-Encoding
Connection: keep-alive
Access-Control-Allow-Headers: Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 79ms
45ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=69b4f2f3-d489-4a73-b77f-2933482ec8a3

Requested by

Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TDMQPT020DRW1117
age: 32
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUoBvCxkFNQlJrv2xxvpfoqnhwfod7vd5Hrcvg4ThnGyk0pDYHF%2FB98FPrp73NGJTcvD6o%2FztzoR5aU2HcxaRNdeR1BLDnn0S9CAJoOW9pBQkM67zWrwYJOqcSNQLyktdRUauIM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 802135b1f9c1bbdd-FRA

GET
H2 200 ghaofficebuilding-1920w.jpg
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 72 KB
73 KB 60ms
8ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ghaofficebuilding-1920w.jpg
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f4b9e0f03742901e035245b6a32c104004c3960b41f3db1bfcc557ba1e9ba96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:30:29 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3718585
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 73748
x-amz-expiration: expiry-date="Tue, 12 Dec 2023 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Wed, 14 Jun 2023 21:02:16 GMT
server: AmazonS3
etag: "74650db005e664f0388a9c71e52918c9"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: UNcNkzFOGx3NXVMWYFzY5IsBooq4qSbu4WUtX9WzWv10vyRwWVh7gQ==

GET
H2 200 GHA_Technologies-93d8afea-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 10 KB
11 KB 60ms
8ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/GHA_Technologies-93d8afea-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8172b427a719b7d9a1f703c9e98de718e03d4c3d16b4a0ea30ff7c4dc6c3d1a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:30:30 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3718584
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10362
x-amz-expiration: expiry-date="Wed, 09 Aug 2023 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Thu, 09 Feb 2023 19:44:37 GMT
server: AmazonS3
etag: "2040db6b23fd740dc1f1c13c4517fdc9"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 30h63R_Kpi-3wR_5tZlXU3p1tKBrXJ4pGXmLm6Jqx4c5e11N6v70Xw==

GET
H2 200 Company_Logo_f5621719a7.webp
irp.cdn-website.com/22eb0d38/dms3rep/multi/ 7 KB
7 KB 488ms
486ms Image
image/webp 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irp.cdn-website.com/22eb0d38/dms3rep/multi/Company_Logo_f5621719a7.webp
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 604e127bddf35b7a6d7305cf2eb4195536811a298ef4b3e4a35d530f85b0d55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: weVDbcrpnN_jpsEpKp3y.Rrm7J1ftoiT
via: 1.1 3324a8ad97d1ad89d31d73e8b93b919a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 03:19:12 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C1
etag: "6a2fb552194a7bd396aaa397156f1ac0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 7030
x-amz-cf-id: DTteIhR1RwAfvwgiUR2q-kxQFNC1MhZ06k7dGNGiZK2Mk2zUe09NLQ==

GET
H2 200 Site_Deploy_icon_White_49c744647b-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 5 KB
5 KB 481ms
429ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/Site_Deploy_icon_White_49c744647b-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9815a73ed1c060800ebbb4bb9a9c4d3f65624b28ae1aa15cdd656e320035e813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 03:22:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "ede4887df03c3e472abb1e6ef636d6a0"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5050
x-amz-cf-id: 3HNgChy7OxS0M3duCraq9_qoGpfVtN80Wr92mBeU3mxk-7o5KQb4-g==

GET
H2 200 Picture5-990b6d028a01453c-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 3 KB
4 KB 476ms
424ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/Picture5-990b6d028a01453c-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00ec1fceba02e4a33f2f2a601bfcd5d85494c65eee228761c195a188077b5596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "497615e395214eed4bb2c4d4a3da1c0c"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3554
x-amz-cf-id: LwtKpQjduFzurnZy1Q1lao5dJlDGEpIOjwMgDYJBMlnSkD8NDiA_xg==

GET
H2 200 Picture6-990000000001453c-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 3 KB
3 KB 216ms
164ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/Picture6-990000000001453c-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b0d92e2f629a84f4dbc435b83d2c8225ed3f961fba2e3a63d41849cd31e4d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "4fc3eba7bdf3c92e317f132136c9e473"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 2706
x-amz-cf-id: OgnczQlsPjCmrYW5-GWapbi030K6IE5ak_Mh7GTariePQb1Ha_mSVg==

GET
H2 200 Picture7-99000003cf01453c-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 4 KB
4 KB 474ms
422ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/Picture7-99000003cf01453c-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1d1de0346e7ff9c546df2f25187101fdd7766862b93b9b57ab50eb418d57a84c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "900ab535be46faf3f12a3ecb0e0a3641"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3950
x-amz-cf-id: 1_Z6okikWDmMafEGTEHkPOKhMoMilwUIbdCpsrR7g6E9OTllBwMYBw==

GET
H2 200 Picture8-99079e000001453c-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 4 KB
4 KB 180ms
169ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/Picture8-99079e000001453c-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d49894c7283158ab1e1bf1e5bfd1e26b1f24605678c2c561b5df29b396535ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "7a1b091cc1284a50f7d15c2cdc1fdca9"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3658
x-amz-cf-id: d46GKwB7S-rOTls-uWP16c-oli0h_Kf31vdcF6sNSbfwqGD3-z_X3Q==

GET
H2 200 tech-9901450b6d01453c-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 4 KB
5 KB 442ms
432ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/tech-9901450b6d01453c-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40c0820830ffbf3cd8caeb4da070e077c22f5e44c1d5dfe36c4cf45491db6af9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "999d9bba186eaaedc087694ee4d2db3e"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 4132
x-amz-cf-id: Q3Wl0kIgfGvYGWPsN9LjsQmNsprxJz3BMn3oPX_cY53cFpfqP1CsdQ==

GET
H2 200 multi-990a28028a01453c+-+Copy-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 5 KB
6 KB 457ms
447ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/multi-990a28028a01453c+-+Copy-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b8ad07703dbf0d99cae9adba8b69411571ae0bfed0eee691c61cef670ff6d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 19:53:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "b6f7544080a1d888dff3fefd7d50c142"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5380
x-amz-cf-id: HFkZDyqIWR3JFb25Fhf3WMd0wRzTOVop6ro-DAvz2eUcyqRBatnp5g==

GET
H2 200 GHA-Logo-white-1629be33-73c5232b-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 4 KB
5 KB 20ms
10ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/GHA-Logo-white-1629be33-73c5232b-1920w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd248d4e254118f367b29bee59fb061b3a785dce36e0925017bccaa78a0d3288

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:30:31 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3718583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 4392
x-amz-expiration: expiry-date="Wed, 09 Aug 2023 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Thu, 09 Feb 2023 20:29:36 GMT
server: AmazonS3
etag: "e49e3225eacdd180cc46996edf9b692d"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JhUwCcbVTx1ny1tC8uP7r4T3qetW0wzoEf5IJzVuVHY0VL9m-nPpqw==

GET
H2 200 jquery-3.7.0.min.js Show response
static.cdn-website.com/libs/jquery/ 85 KB
30 KB 10ms
9ms Script
text/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: JlB87n.8JeSlNMpjtnQ7ZQFJjIuOXDIf
content-encoding: br
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
date: Sun, 03 Sep 2023 09:38:05 GMT
x-amz-cf-pop: FRA56-P6
age: 211729
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 10 Jul 2023 14:02:06 GMT
server: AmazonS3
etag: W/"e6c2415c0ace414e5153670314ce99a9"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: UVs9rxuILHM17T8W9fdFpb_RbDcjZK-z3eujHoT2qkQ8MmHbt_dgYg==

GET
H3 200 d-js-one-runtime-unified-desktop.min.js Show response
static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/ 358 KB
100 KB 8ms
7ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4b5fa9a4f8d536bbe148727a36588ea2d3db5b60e072fa00ca30b2893f43a81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:21 GMT
x-amz-version-id: xH_kTBf2bfT.mykymlnHIOdCe4j5L_hi
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33512
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:04 GMT
server: AmazonS3
etag: W/"8d9d00aeb2b4c323062f05c67a2acc8c"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: KDcop-nzdfhVWxSx-2jZ_ctb45teCLqY3j_gIHX0tCKKsgmU2CGiBw==

GET
H3 200 d-js-jquery-migrate.min.js Show response
static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/ 11 KB
4 KB 17ms
15ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-jquery-migrate.min.js
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:15 GMT
x-amz-version-id: GsO6RS5rp9I8yZpL0cQiK31eEsnYcz3_
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33519
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:04 GMT
server: AmazonS3
etag: W/"0c0a1fa81ed04355cd2c63c134163cc0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: _p4TlZunNPZloZ5GT2XS025cu1-NXPgyMav64Azfm-7NpZOyYSp5gA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 217 KB
77 KB 67ms
32ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GT-K8KGMK8

Requested by

Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

078d19177cf356f1b450ef1698fe13407d675e4558ef25be7526b8a7f99bf652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78835
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 20:26:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 56ms
21ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49330317-1

Requested by

Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75c6a2dfe2c4802fef56d3176bf050dc3360265af10458e2314ad0987b121c17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66723
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 18:50:18 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 05 Sep 2023 20:26:53 GMT

GET
H2 200 SWTag.aspx Show response
tag.structuredweb.com/sw/app/ServicePages/Tracking/ 0
0 326ms
94ms Script
text/html 174.129.188.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.structuredweb.com/sw/app/ServicePages/Tracking/SWTag.aspx?companysiteid=aiHpFFQ6A7uloCppFeqCNw2
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.129.188.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-174-129-188-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

GET
H2 200 69b4f2f3-d489-4a73-b77f-2933482ec8a3 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 236ms
195ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/69b4f2f3-d489-4a73-b77f-2933482ec8a3

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=69b4f2f3-d489-4a73-b77f-2933482ec8a3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29b8ff027da14dd0cc108b4e81fafd387cb8d87af02a934951afe2c9b64ac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7fd856cdfb4910bb-SEA, 7fd856cdfb4910bb-SEA
x-runtime: 0.002476
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d29b8ff027da14dd0cc108b4e81fafd3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC3F3PBEaFup6Z9AJbXnu7T%2FteAaOYvNyMbdnqxR4yDRCEySRbMoa%2F1%2Bc%2FbwZzfofWsLOU0xJ901oOOuctmcbsXnjACcxX%2B3MMt4gZir%2BpgCxHNWdf%2BhUbJEPR5Grjru3cM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 802135b2ac9437de-FRA

GET
H2 200 69b4f2f3-d489-4a73-b77f-2933482ec8a3 Show response
ekr.zdassets.com/compose/ 1 KB
959 B 229ms
204ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/69b4f2f3-d489-4a73-b77f-2933482ec8a3

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=69b4f2f3-d489-4a73-b77f-2933482ec8a3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29b8ff027da14dd0cc108b4e81fafd387cb8d87af02a934951afe2c9b64ac66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 0
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 7fd856cdfb4910bb-SEA, 7fd856cdfb4910bb-SEA
x-runtime: 0.002476
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"d29b8ff027da14dd0cc108b4e81fafd3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=38ohKVyCdZZmMFtLbZphX48n57Ntf3i9QRin2OWOX3H%2BU1WKAckZ8OCK72YuTO9v85IpTXgVEUY5CDtdbXk%2BkpkW%2BJ4bREuhoh2vW%2Fl3iOxcwsE0UDpCsJTPmMWvWiyo%2FuU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 802135b2ac9637de-FRA

GET
H2 200 gha-background-f50b7df2-1920w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 7 KB
7 KB 21ms
11ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/gha-background-f50b7df2-1920w.png
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/22eb0d38/files/22eb0d38_1.min.css?v=218
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fa25c9141c79c34486380e86a61dcbf1938e5e90016bf343221de3e1285268e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://irp.cdn-website.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:30:31 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3718583
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6940
x-amz-expiration: expiry-date="Sat, 20 Jan 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Sun, 23 Jul 2023 18:20:34 GMT
server: AmazonS3
etag: "3de0f6fef1761d97d4a63a8213a8a154"
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FooSCacBWzrglsypxwQG5pD-htwKOY2SvHJ8pXzTzhPbW5PoOgFscg==

GET
H2 200 banner_graphic_255px_1261bd6173-2880w.png
lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/ 6 KB
6 KB 447ms
437ms Image
image/webp 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lirp.cdn-website.com/22eb0d38/dms3rep/multi/opt/banner_graphic_255px_1261bd6173-2880w.png
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-80.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27a5364233697dbe4f7c5349587137320c51e17e95115b6c43a7055d64541d23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
via: 1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 22 Feb 2024 00:00:00 GMT", rule-id="delete images after 6 months"
last-modified: Fri, 25 Aug 2023 04:14:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "d53e2b57605ab47cc04571f6cdbe50bd"
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 5848
x-amz-cf-id: uBBsCiEZPInUagfYwP21N-usNfwZ24HDsEYTeexUD3gmQ1gjX2VVIA==

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
irp.cdn-website.com/fonts/s/poppins/v20/ 8 KB
8 KB 40ms
19ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 00:11:24 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 418529
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 7884
x-amz-cf-id: r_kZHEU8epEgdxZlPTT10YofCxXbZ_tqa3MD0gYGcIxCzAK4LbM3tg==

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
irp.cdn-website.com/fonts/s/poppins/v20/ 8 KB
8 KB 22ms
18ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 06 Aug 2023 23:14:15 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 2581958
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 7840
x-amz-cf-id: tmFzabiVem-AJTR6p2ZvQGBI1Hoxwe-Qsm1T9bQz6lZ3HjTaAAGI7w==

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
irp.cdn-website.com/fonts/s/poppins/v20/ 8 KB
8 KB 24ms
20ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 00:30:55 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 1281358
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 7816
x-amz-cf-id: qz2CRNQp2uvPOz-vD5cWIKTWF_8vo8k0UXB-hBwBi1wAJ_EQEjIRtg==

GET
H3 200 pxiGyp8kv8JHgFVrJJLucHtA.woff2
irp.cdn-website.com/fonts/s/poppins/v20/ 8 KB
9 KB 29ms
27ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 21:21:49 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 947104
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 8668
x-amz-cf-id: zqKj0dka01FQ1OcRK0D2juuP1qONWjzJ0EOLiS40NyFz1S1LyNvn_A==

GET
H3 200 dm-social-icons.ttf
static.cdn-website.com/fonts/social_icons/ 7 KB
5 KB 26ms
11ms Font
font/ttf 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/social_icons/dm-social-icons.ttf?v=xtwitter
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: SnRg4BCe_t8.mDksTi8_1rrWfeVHsdOl
content-encoding: gzip
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
date: Thu, 31 Aug 2023 09:12:04 GMT
age: 472490
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 16 Aug 2023 13:17:02 GMT
server: AmazonS3
etag: W/"dc5859377b2ca918e132fce2532929d0"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: OCARiHkgnaQa7bhCZziNPTknILMSao5lrPyDJf8AXL3dHtFY2iM3TQ==

GET
H3 200 fontawesome-webfont.woff
static.cdn-website.com/fonts/ 96 KB
96 KB 18ms
11ms Font
application/font-woff 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/fontawesome-webfont.woff?v=6
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: bR46Z9gnVogjFEVmln4nlzTlCUFntZSU
date: Fri, 01 Sep 2023 11:45:38 GMT
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
age: 376881
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 98024
last-modified: Wed, 05 Jun 2019 08:06:55 GMT
server: AmazonS3
etag: "fee66e712a8a08eef5805a46892932ad"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: kwwzUvl_uhk4mh-kkx8ZOHDYoOpjN4-xagEchfh0EFdt7LZM-98zxw==

GET
H3 200 pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
irp.cdn-website.com/fonts/s/poppins/v20/ 9 KB
9 KB 37ms
36ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 00:31:23 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 71730
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 8712
x-amz-cf-id: qypAYeld2hInjNjTr28cBr04mypjknw-bxVqzHbbtLMJXHGSsQ1YHQ==

GET
H2 200 sp-2.0.0-dm-0.1.min.js Show response
d32hwlnfiv2gyn.cloudfront.net/ 49 KB
18 KB 92ms
20ms Script
application/javascript 108.156.0.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/sp-2.0.0-dm-0.1.min.js
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.0.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-0-36.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 06:00:40 GMT
x-amz-version-id: IZwYrapPL5STtMyaSYUvOnEvHgmJogqU
content-encoding: gzip
via: 1.1 61bbb65ddfb7a23272f71c61d393f8ee.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP63-P4
age: 3248774
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 20 Mar 2022 08:45:42 GMT
server: AmazonS3
etag: W/"81ff203c31c9a3e5c15c5a790eebb460"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=6048000
x-amz-cf-id: YNAItsXdUN63ju6oE4boCrXiYENwVk4fgolChs7zW9UxfBAt8iKLRA==

GET
H3 200 lozad.min.js Show response
static.cdn-website.com/libs/lozad/1.15.0/ 3 KB
1 KB 11ms
11ms Script
text/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/lozad/1.15.0/lozad.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: _6SCyxVyLbypq6FqWKSVVeOJ5iX21EVE
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
date: Thu, 31 Aug 2023 09:04:19 GMT
age: 472955
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Sun, 24 May 2020 08:00:59 GMT
server: AmazonS3
etag: W/"0af1d330e19fe2a0aa127e1709936c75"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: O_y7594z8y0EwtAx0wbmiEL8MVKN5-mYuJ1GpKkYbGev8yyNp9Zyqg==

GET
H3 200 dm-common-icons.ttf
static.cdn-website.com/fonts/ 2 KB
3 KB 11ms
10ms Font
application/octet-stream 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/fonts/dm-common-icons.ttf?5f0fg
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0

Request headers

Referer: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/css/d-css-runtime-desktop-one-package-structured-global.min.css
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id: PqntK7H35YcTmkMvqWIJAJRdU.53YusY
date: Thu, 31 Aug 2023 03:31:03 GMT
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
age: 492951
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
content-length: 2368
last-modified: Mon, 19 Aug 2019 11:53:23 GMT
server: AmazonS3
etag: "b71bfcb8a1c734ad0654e25cd41964f2"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 0Icksppm0rOz1DMmLNvtsM9Sxnef4IiHK6x7ICvvSl8rv-INby8H9A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
77 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N04E152EJS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49330317-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bc9ac8e58698267521a8c17d393c1ca6458114afe6e30e49863208569b0ead0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Sep 2023 20:26:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 58ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49330317-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Sep 2023 19:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2550
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Sep 2023 21:44:23 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 57ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N04E152EJS&gtm=45He38u0&_p=1596402106&_gaz=1&cid=114697076.1693945614&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1693945613&sct=1&seg=0&dl=https%3A%2F%2Fwww.gha-associates.com%2Fmacrium-software-sitedeploy&dt=Macrium%20Software%20SiteDeploy&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GT-K8KGMK8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 20:26:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gha-associates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 60ms
18ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N04E152EJS&cid=114697076.1693945614&gtm=45He38u0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GT-K8KGMK8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 20:26:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gha-associates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.gr/ads/ 42 B
408 B 91ms
34ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.gr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N04E152EJS&cid=114697076.1693945614&gtm=45He38u0&aip=1&z=1558754826

Requested by

Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 20:26:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
d32hwlnfiv2gyn.cloudfront.net/ 37 B
398 B 417ms
416ms Image
image/gif 108.156.0.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d32hwlnfiv2gyn.cloudfront.net/i?e=pv&page=Macrium%20Software%20SiteDeploy&dtm=1693945613556&tid=553072&vp=1600x1200&ds=1600x2987&vid=1&duid=584b212233ab22f2&p=web&tv=js-2.0.0&fp=1196475847&aid=22eb0d38&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&tna=cf&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.gha-associates.com%2Fmacrium-software-sitedeploy
Requested by: Host: www.gha-associates.com
URL: https://www.gha-associates.com/macrium-software-sitedeploy
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.0.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-0-36.mxp63.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: null
via: 1.1 61bbb65ddfb7a23272f71c61d393f8ee.cloudfront.net (CloudFront)
last-modified: Thu, 03 Jul 2014 09:50:57 GMT
server: AmazonS3
x-amz-cf-pop: MXP63-P4
etag: "3eacd0132310ea44cad756b378a3bc07"
x-cache: Miss from cloudfront
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 37
x-amz-cf-id: fNW7kqQvuBOB_laXQs8jQgCBXIUsEnRwBsMtLypafvXbLEMXjYbbHw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
210 B 15ms
14ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1596402106&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gha-associates.com%2Fmacrium-software-sitedeploy&ul=en-us&de=UTF-8&dt=Macrium%20Software%20SiteDeploy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=652608404&gjid=64734234&cid=114697076.1693945614&tid=UA-49330317-1&_gid=701081573.1693945614&_r=1&gtm=457e38u0&jsscut=1&z=233990390

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gha-associates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Sep 2023 20:26:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gha-associates.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FB9D 921 KB
265 KB 39ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=69b4f2f3-d489-4a73-b77f-2933482ec8a3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VC227HWC1SB9BP0S
age: 764271
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /u++PB0KhW/JIMyXvniOxWbHKCXrk5NG742GSQzUeQMsfdV1Sq7QedmdfdDlKUwuwlNC/FdBPttbEZbpSgVsfQ==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUuTXnLASqSOJo0V0aBwZda6yxb3s%2BGhLBLPlgQXZLCcIFx%2BTfmDnqujXMUG8lc19nUDLXDUrrW3767jeHPbaNgOO5%2BfjudEa0s8INRrPFyfZVaX%2F3UtzqFsBwufQSds3ryYAZE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b5097abbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 70A3 921 KB
265 KB 59ms
59ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=69b4f2f3-d489-4a73-b77f-2933482ec8a3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
x-amz-version-id: Tqd.BCD9w1gdIuCOkjN7K7S20lVumIKB
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: VC227HWC1SB9BP0S
age: 764271
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: /u++PB0KhW/JIMyXvniOxWbHKCXrk5NG742GSQzUeQMsfdV1Sq7QedmdfdDlKUwuwlNC/FdBPttbEZbpSgVsfQ==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3155ef9816fdf792d367e746086c583"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yXl4ElEkKHnhoInhhuS5gebv7D%2B%2Bn6hCuu8Sk9QOK9HKDNK0xD6uTWs%2BkA6TZj6ZX2l%2BYneiOW7c1BxOFn55WJGI5SBhcpyprE5ATniv4G%2F%2BcU7%2FBm3IAaNekAjiSsEBraFkWk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b5099bbbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H3 200 18.8d9b98557bf3839e9c87.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 15 KB
6 KB 7ms
7ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/18.8d9b98557bf3839e9c87.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0320c7745767ebfe8864a99eba0381efd7765615e02938f27f8196907328c5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: ILFbOvD_fK_g0arb.FbLfuEyN6AHJFnK
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33511
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"0c57799c12a91ad7890a0c2bb004e902"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: Rx26Rd9YGUr6Dos7DWVt9iievkGtWyZT--I39qVhQ3mBdq1mT2zqVg==

GET
H3 200 23.fe66fc7c29b5e63049b3.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 3 KB
2 KB 8ms
8ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/23.fe66fc7c29b5e63049b3.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51abbb704fd0a01b4adb401879e8fc1e60ac60f3a5573fd5ad52a5109556d6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: bDxhocZ.3gDyNGyIKcRNcm4AR9hWekG1
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33511
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"ebde0c87d4dbcf844e8e9fb68dc27d98"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 1UQLr_HZH5OnpG5hcdGiVw_Zl0K1ALPcy9is2HGysP_M9iANNTLaRg==

GET
H3 200 1.38a874f31d2d8986b8b0.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 62 KB
19 KB 8ms
8ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/1.38a874f31d2d8986b8b0.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4eefd5e5bdbb7025a8de460c165db4066dc878a27435a1e15e3d7ce353a4a961

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: d_1rMcvFuStzvjSGVQ3Qhh3jMihPcitn
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33511
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"00b454f511fadf7ad249b9b3fe1baa99"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: kPQRjtZ4gCKwFIrglSKdI6Pp7wFFV6gty8KjhThrE074So0QGKGZ-A==

GET
H3 200 7.9a94a74e30026a70bc4d.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 3 KB
1 KB 7ms
7ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/7.9a94a74e30026a70bc4d.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 437da7fb6afabc5c920204b3fbee8cefa595164859de653309c2e4f5236234eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: d_.0fH6X1LeY1HdMHmPSCsJtNWVgsTJC
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33511
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"5a3ae7c619627793d1cd3a1a25bd394f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: nQ2ZO2Nd83TfvYH8kXEyCB4x7PKHMycV7mSs3UjijT3fhvRQvgaTQw==

GET
H3 200 skrollr.min.js Show response
static.cdn-website.com/libs/bower-skrollr/ 12 KB
6 KB 24ms
22ms Script
text/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/libs/bower-skrollr/skrollr.min.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 14:35:21 GMT
x-amz-version-id: 04xLqcAi1BJ2lpzw2II1Thpz7n9kiiRR
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 453093
x-amz-cf-pop: FRA56-P6
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 25 Dec 2019 10:41:33 GMT
server: AmazonS3
etag: W/"7a180f303bea26a3ef7edf53342e7afa"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: L4nuq5eoN_-MZD6e5eJ3B85Oxm2dKF7FnVrTFjvqJ5ngQ6vvzW7nvA==

GET
H3 200 runtime-module-anchors.8069350c1321599c430f.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 3 KB
1 KB 16ms
16ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/runtime-module-anchors.8069350c1321599c430f.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba8af58c317cf55fc12374ff5ef439e9b404b4e84ed4bc1942eaf4fcb0cf2d10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: pf.0DwUEp8s6cf5CHiok5y8.xqKET3hP
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33511
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"5bbaf36d03d736f78fa11e2540c94e76"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 1rdmjjnBpm5MCZfuso4YiAjTGEwPJqRFvpVeaZdF-F0eghUVgjZYhA==

GET
H3 200 3.837e97ee3698267e2a54.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 120 KB
34 KB 12ms
9ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/3.837e97ee3698267e2a54.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ac7afdd83cff3c683276ee9ad56c130edc53da83c3e93166e9a2b5800dad86b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: Cg.UhgHiAsGFTBYw8I_YlqObxvhXhGLS
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33510
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"f2c815e541ca8a37fe679f75b5474552"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 5KglqBo6bGvmYdFsHbo9SaeZ7dIiZxW6Wf4EDfEcCiEJEGxjTS93Bg==

GET
H3 200 5.a5af5a3b04156da9e174.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 25 KB
6 KB 13ms
10ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/5.a5af5a3b04156da9e174.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 996b476077579b6a6451d1ea743d653bfae5845c67adcaa5dbc884e279b1b72a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: BdRj6ZezSv2iFi09BjFu7B8lDlesDcFy
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33510
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"faa982801bff4b360d9ec99bffc38cf9"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: z10hwTirxmVT8vZz36EmIxdYJH4DuMxlmAruBRNNzzRuePVena8ONw==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 53ms
19ms Script
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onCaptchaLoad&render=explicit

Requested by

Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06cb5492a1cfe22af70140f9a0eaac8be48b9f023f92451d027fcd1cbe132264

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 1; mode=block
expires: Tue, 05 Sep 2023 20:26:53 GMT

GET
H3 200 8.20c25f8b84fd357fa245.js Show response
static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/ 7 KB
3 KB 13ms
9ms Script
application/javascript 108.138.7.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/8.20c25f8b84fd357fa245.js
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.7.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-63.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: facfd2d9eb6c0506309e84b4115bca26e8ec2d336eaf2624befa0d641fe986fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 11:08:23 GMT
x-amz-version-id: 5p22d.caq0vBeoIPYzE3LFF.ub2saODk
content-encoding: br
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
age: 33510
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: FAILED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 05 Sep 2023 10:58:09 GMT
server: AmazonS3
etag: W/"9c15dccf024332b0a1d30ea7de6fcf8f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 1UKPhzcNxkql-cvHrp8-RgT2f62o_A9kZFLeVh9HBa2IuVyWINXzFg==

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame FB9D 25 KB
6 KB 24ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF3FE976HR4V00W
age: 764270
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0blpswMIFAOhaVlqnAzdEHdtFfFaaGOi0CdPv+HUzj2+AAujGo6szwFwyDrsM12QGgkbEMVxSxQ=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHne5rnK0ZhbAFxBFNEWy52J9x%2BhFhYt6fiMVaSmURviE5sZElmE2OiIuHDLVdI847vaO%2F1l4sFgFDk8V4p6EOJQ%2BqYfemIAhKxcqRF07tN%2B%2B9aHLYha%2FA5%2Bb%2F5xG9IduoWo6Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b6ec9ebbdd-FRA
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
gha-associates.zendesk.com/embeddable/ Frame FB9D 903 B
1 KB 564ms
510ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gha-associates.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16b0cacc5c74fb611c58d4db824824c50a457e80f9b96d40ebf850b7eb5773c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-68c95d8d7f-dw7xq
x-cached: STALE
x-request-id: 80212e1b4869046a-FRA
x-runtime: 0.002645
last-modified: Tue, 05 Sep 2023 20:26:54 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtHSteprkLp0revyPkIxRInr%2BoZhq9m%2FC%2FIg0PBd8qbe0bZtKFIkx363tEOsn62NS8nCzeRarmCpr%2F75SwixBa8auOVq84TZoZolVOQTagINyLRAKGD7X17%2BjUCDnwhwu4DTqSOUQgMPO%2BrC"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 802135b74d624d6a-FRA

GET
H2 200 getNavItems Show response
www.gha-associates.com/_dm/s/rt/api/public/rt/site/22eb0d38/ 20 KB
6 KB 495ms
495ms Fetch
application/json 18.193.36.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gha-associates.com/_dm/s/rt/api/public/rt/site/22eb0d38/getNavItems?lang=en

Requested by

Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.36.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-36-153.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b6c21de344daabce545eb2c31251b403435bc7f392647e4fc176e46b40c5c127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gha-associates.com/macrium-software-sitedeploy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
d-geo: EU
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 44ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: static.cdn-website.com
URL: https://static.cdn-website.com/libs/jquery/jquery-3.7.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gha-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2817844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10482
last-modified: Tue, 01 Aug 2023 16:35:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64c93459-28f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebf4S2SjXjK%2By3bCVBgCpdx2biqx%2FO06B0iyOPle4FQN5MUiYYi5I5jJRHv3T1JjtRX209%2Bs6BjJ1l87Ofup%2F98CC30PjSFWhubMZ6wuepQn7MQZDEdkVXM9Wftt8mSZ4nQC43%2Bj7UN3KDeoKt1jaJ9W"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802135b72994691b-FRA
expires: Sun, 25 Aug 2024 20:26:53 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ 454 KB
183 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onCaptchaLoad&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gha-associates.com/
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 19:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186637
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 19:59:33 GMT

POST
H2 204 logs
www.gha-associates.com/_dm/s/rt/actions/ 0
0 217ms
215ms Fetch 18.193.36.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gha-associates.com/_dm/s/rt/actions/logs

Requested by

Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/_dm/s/rt/dist/scripts/d-js-one-runtime-unified-desktop.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.193.36.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-193-36-153.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gha-associates.com/macrium-software-sitedeploy
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
server: nginx
d-geo: EU

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 70A3 25 KB
6 KB 26ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: hsI8uO5qXqigkFCAVGwBeynKIJCd66Hs
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF3FE976HR4V00W
age: 764271
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0blpswMIFAOhaVlqnAzdEHdtFfFaaGOi0CdPv+HUzj2+AAujGo6szwFwyDrsM12QGgkbEMVxSxQ=
last-modified: Thu, 24 Aug 2023 03:39:38 GMT
server: cloudflare
etag: W/"fd692493810d22ae0ff5aca283a7a202"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQPzUsR5o7Sp6PHLB%2FP4dGyaPGALibgZHtu6RavKwEm6w%2FfjDUY6zgNQpGcw5mSc4%2FNle7lO4lKnwrZ0jbxd54ZV4A0fCN9RQU2yAOVcuvZsrBEzN04stc73MAY0srdqeMRNAAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b78e5abbdd-FRA
expires: Fri, 23 Aug 2024 03:39:37 GMT

GET
H2 200 config Show response
gha-associates.zendesk.com/embeddable/ Frame 70A3 903 B
772 B 593ms
591ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gha-associates.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16b0cacc5c74fb611c58d4db824824c50a457e80f9b96d40ebf850b7eb5773c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 0
x-zendesk-origin-server: embeddable-app-server-68c95d8d7f-dw7xq
x-cached: STALE
x-request-id: 80212e1b4869046a-FRA
x-runtime: 0.002645
last-modified: Tue, 05 Sep 2023 20:26:54 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSQhqep3corL4qvudk0Sh6biTpxtECmSqsnjNFmJ%2FnCIMQV%2FRXTGTWatHLCWL%2BA%2F5yDarLQwmSR17Vxxuu35GTTH6PzghKqclEeGhX8vZXLLfTesIFgaYC8n%2FaUHqvU6gj6oFM9Su%2BpvSaXg"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 802135b78dbe4d6a-FRA

GET
H2 200 web-widget-chat-sdk-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FB9D 202 KB
51 KB 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDFFE7MMEGNE31NJ
age: 764272
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tejftzGEnw4bQ+y20xwWi2EehpKJil3jYIkE0TCnIzAR2MG+Xj/Hk/wrE4E3DbnCkShhL3ypAQU=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3208a9957c2dcf9612763d1d3138069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cNXSW7XeU%2BV9fEbn%2FAnXHHeI4FXZaqX8jIsprLlbsuhTX5t3X0AHHIK27ihyx36qoAAQfs4y%2Bm9Wv4Btvicw0C6rN20iBJeqz0n5cPjIPv6Pay4pkAeeVAf%2BUM7%2BX22TbeCOKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b80fc8bbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F0C9 55 KB
31 KB 40ms
35ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz&co=aHR0cHM6Ly93d3cuZ2hhLWFzc29jaWF0ZXMuY29tOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=checkbox&cb=64wcujthwk8c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ac5dafdc762b969c2b7bf197c4fee8533fb327c4adfc8b851f99382fba74ac01

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7xiL-sTPoB3-SNOTRXZCuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gha-associates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 31619
content-security-policy: script-src 'report-sample' 'nonce-7xiL-sTPoB3-SNOTRXZCuQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 20:26:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-sdk-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 70A3 202 KB
51 KB 35ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: Gf4KFmmSRtALGQTFrJvpXz0Cxt2OhtK2
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDFFE7MMEGNE31NJ
age: 764272
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tejftzGEnw4bQ+y20xwWi2EehpKJil3jYIkE0TCnIzAR2MG+Xj/Hk/wrE4E3DbnCkShhL3ypAQU=
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"a3208a9957c2dcf9612763d1d3138069"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBMrhukOVsHs7EQfZeafijNHTlulKr4nqnt9WBnO1d8Hh7NidFnVC2SmSnom3B%2FbPQ4Q4ANHPgxZRm0raKDoXarqjAOhbHJa6B6q1lal%2F6bcG%2BYrFHPaNQBmnWs3sogIo7wc%2Fds%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135b8a95dbbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame F0C9 55 KB
24 KB 28ms
9ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz&co=aHR0cHM6Ly93d3cuZ2hhLWFzc29jaWF0ZXMuY29tOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=checkbox&cb=64wcujthwk8c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 00:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 00:01:53 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame F0C9 451 KB
181 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 16:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 16:53:12 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 26ms
25ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 23:37:54 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 938940
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14780
x-amz-cf-id: gVSMCP4U7l9a_LThm4Up_ZguB72_FVe7tUbJCMGYzKCpH20w9YjNRw==

GET
DATA 200
OK truncated
/ Frame F0C9 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F0C9 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F0C9 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 01:27:29 GMT
x-content-type-options: nosniff
age: 586765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 06 Sep 2023 01:27:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F0C9 15 KB
16 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 322131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Sep 2024 02:58:03 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F0C9 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz&co=aHR0cHM6Ly93d3cuZ2hhLWFzc29jaWF0ZXMuY29tOjQ0Mw..&hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&theme=light&size=normal&badge=checkbox&cb=64wcujthwk8c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 05 Sep 2023 20:26:54 GMT

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 92ms
92ms Fetch 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/18.8d9b98557bf3839e9c87.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gha-associates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 05 Sep 2023 20:26:54 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 303ms
91ms Preflight 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gha-associates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Tue, 05 Sep 2023 20:26:54 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/performance/ Frame 0
0 303ms
92ms Preflight 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gha-associates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Tue, 05 Sep 2023 20:26:54 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 metrics
rtc.multiscreensite.com/performance/ 0
0 94ms
93ms Fetch 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/performance/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/18.8d9b98557bf3839e9c87.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gha-associates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 05 Sep 2023 20:26:54 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 76 KB
77 KB 28ms
16ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2817841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78196
last-modified: Tue, 01 Aug 2023 16:36:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64c93479-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZsqSddqvWF4LFDYGal8qSgpnZuXMfmp6CejwDcbP%2F3eAlxCn%2FW2LCAfHOnKFWZif9534cF1AFXITzPJlHuA5RcYI0VemeyIl5z%2Bl4G0MhoDs8Ha11vZD7hWJl5jAngFkIUGpb5NDXvruPxNLm8%2FCwz5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 802135bb089e1cc3-FRA
expires: Sun, 25 Aug 2024 20:26:54 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 0127 7 KB
1 KB 22ms
20ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1194e6ec4e33a25a7d21667746a06ccd27f15e3f5ecf7b6a07a8d27ce62c527d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_h2rsM8ltTpvvCFAMgC55w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gha-associates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1157
content-security-policy: script-src 'report-sample' 'nonce-_h2rsM8ltTpvvCFAMgC55w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Sep 2023 20:26:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 15 KB
15 KB 20ms
20ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 00:14:18 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 1282356
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14892
x-amz-cf-id: bBhyVFaTfmxNp8ZbTr0S2ZBYoHvSCxufRMVRBLhLoS9HTluYbp3zHQ==

GET
H2 200 web-widget-chat-incoming-message-notification-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 70A3 236 B
719 B 18ms
18ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: 46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF9HF3Y8W0PVSQC
age: 764271
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fZDV0xg3FsFxrpZT9QCSaXjJuIqYZ/vFRf9YulowyRM5BpKf0DQIj2BxZq4TB6yykA80c5/5Xc6LsuxXSreimA==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5%2FXl8D0zLvcz2d6VJdDVzKPFme0QgRNPkTwQCJ4GCBCsXXzoWf9fBRgq%2B0VFdi8Zc1usWpRFCpaI3jVLFZhM4McJzdn%2FMr4KO5UdN661Z9HDYa3JaW3BbAgpyyC1w0x5FRkOkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135bbe870bbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
irp.cdn-website.com/fonts/s/sourcesanspro/v22/ 14 KB
15 KB 17ms
16ms Font
font/woff2 143.204.9.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://irp.cdn-website.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by: Host: irp.cdn-website.com
URL: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 143.204.9.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-48.mxp64.r.cloudfront.net
Software: CloudFront /
Resource Hash: 0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Request headers

Referer: https://irp.cdn-website.com/fonts/css?family=Roboto:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Montserrat:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Poppins:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Amiko:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Red+Hat+Display:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic|Source+Sans+Pro:100,200,300,400,500,600,700,800,900,100italic,200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic&subset=latin-ext&display=swap
Origin: https://www.gha-associates.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 00:29:54 GMT
via: 1.1 c60d08323363c4861c206b74cb68eeb0.cloudfront.net (CloudFront)
server: CloudFront
age: 1454220
x-amz-cf-pop: MXP64-C1
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2592000
alt-svc: h3=":443"; ma=86400
content-length: 14712
x-amz-cf-id: nTNUKrHzm2JKLVQZUU6xNmceJhBSapCL0Avm_l231T4ye2wCd_yP6g==

GET
H2 200 web-widget-chat-incoming-message-notification-4b22769.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame FB9D 236 B
451 B 24ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: 46qKELeTBWCwzvVGXozLgYao3Jv6zCoR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: PDF9HF3Y8W0PVSQC
age: 764271
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: fZDV0xg3FsFxrpZT9QCSaXjJuIqYZ/vFRf9YulowyRM5BpKf0DQIj2BxZq4TB6yykA80c5/5Xc6LsuxXSreimA==
last-modified: Thu, 24 Aug 2023 03:39:36 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0Mj8LN1bAkVS2vdHZRIZJR%2FYrPSPzZCCdwFuFGnECmB1jGbLnb2WMHPP%2BnfqcngrnyiJq45nY70go0f8OHhGI4hyarAi0iv8%2FRTUDaSE%2F5KpRl%2B56JJ%2BHraW5mg%2F5OnYdVxY78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135bc390abbdd-FRA
expires: Fri, 23 Aug 2024 03:39:35 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 0127 55 KB
24 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Sun, 03 Sep 2023 00:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 02 Sep 2024 00:01:53 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/ Frame 0127 451 KB
181 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/0hCdE87LyjzAkFO5Ff-v7Hj1/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=0hCdE87LyjzAkFO5Ff-v7Hj1&k=6LffcBsUAAAAAMU-MYacU-6QHY4iDtUEYv_Ppwlz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 16:53:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 185062
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 02:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Sep 2024 16:53:12 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 70A3 19 KB
20 KB 26ms
26ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: Dhfyi7.BwdDs73khKVLly.CpqC3d5sZl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CF5CH2DH9C084XSB
age: 10977427
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: QatFL3CkEWqCbgYQ49sR6LW7a+hLb3iIXX/1f9PxnABH65K9HMaaurFKn4nkAbqIQpxZoVenDc4=
last-modified: Mon, 01 May 2023 05:14:24 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMLLurhrB%2BvZOYaMLWBKPUlQt%2B%2Fl6IQxrvYtTzHP7uLCAXH1wP2dt6x4OY0w9mWeyzUlv2s%2FG7PqgJJHCN9bbTujGVxSn2TfcoaeHo%2BMG5ac7HZPJLy2XQZ5pN9enF5ZJ7nb7%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135bcc9d7bbdd-FRA
expires: Tue, 30 Apr 2024 05:14:23 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame FB9D 19 KB
20 KB 24ms
23ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 05 Sep 2023 20:26:54 GMT
x-amz-version-id: Dhfyi7.BwdDs73khKVLly.CpqC3d5sZl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: CF5CH2DH9C084XSB
age: 10977427
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: QatFL3CkEWqCbgYQ49sR6LW7a+hLb3iIXX/1f9PxnABH65K9HMaaurFKn4nkAbqIQpxZoVenDc4=
last-modified: Mon, 01 May 2023 05:14:24 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWzsTYbgzAxZp35foiVv%2FtWuFe%2BgZw7wuey0jP3XWGWs6R8oEsmrL78QN3HnC0oRq3hSoSODdAcvvUXSjxF2lV2Hbz9IZNX28ur2LNiGHpiDQM6bX0Pbe2O8XD8Y7lxMgEY8HoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 802135bcc9dcbbdd-FRA
expires: Tue, 30 Apr 2024 05:14:23 GMT

POST
H2 204 metrics
rtc.multiscreensite.com/feature/ 0
0 101ms
101ms Fetch 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Requested by: Host: static.cdn-website.com
URL: https://static.cdn-website.com/mnlt/production/3732/editor/apps/modules/runtime/23.fe66fc7c29b5e63049b3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gha-associates.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 05 Sep 2023 20:26:58 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 metrics
rtc.multiscreensite.com/feature/ Frame 0
0 92ms
91ms Preflight 52.21.134.232
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtc.multiscreensite.com/feature/metrics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.134.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-134-232.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gha-associates.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Tue, 05 Sep 2023 20:26:58 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gha-associates.com/	1970-01-20 14:54:19	Name: dm_timezone_offset Value: -120
www.gha-associates.com/	1970-01-20 23:18:01	Name: dm_last_page_view Value: 1693945613437
www.gha-associates.com/	1970-01-20 23:18:01	Name: dm_this_page_view Value: 1693945613437
www.gha-associates.com/	1970-01-20 23:18:01	Name: dm_last_visit Value: 1693945613437
www.gha-associates.com/	1970-01-20 23:18:01	Name: dm_total_visits Value: 1
.gha-associates.com/	1970-01-21 00:08:25	Name: _ga_N04E152EJS Value: GS1.1.1693945613.1.0.1693945613.60.0.0
www.gha-associates.com/	1970-01-21 00:08:25	Name: _sp_id.73aa Value: 584b212233ab22f2.1693945614.1.1693945614.1693945614
www.gha-associates.com/	1970-01-20 14:32:27	Name: _sp_ses.73aa Value: 1693947413555
.gha-associates.com/	1970-01-21 00:08:25	Name: _ga Value: GA1.2.114697076.1693945614
.gha-associates.com/	1970-01-20 14:33:52	Name: _gid Value: GA1.2.701081573.1693945614
.gha-associates.com/	1970-01-20 14:32:25	Name: _gat_gtag_UA_49330317_1 Value: 1
widget-mediator.zopim.com/	1970-01-20 14:42:30	Name: AWSALBCORS Value: jAECRYKb9u08q5LPzFJmQA0/QMpqog+s2pVbYTeBzZaKE6w+iCJTFy9eB6ebd4tsiLaVQAG+BBLQS+sLd7x0dvPBD0VzFGZJ218QPm8Z2Bfys+VdYA3IsOR9/Cuk
.gha-associates.com/	1970-01-20 23:18:01	Name: __zlcmid Value: 1Hhm6HkKqEB4aXz

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.multiscreenstore.com
cdnjs.cloudflare.com
d32hwlnfiv2gyn.cloudfront.net
ekr.zdassets.com
fonts.gstatic.com
gha-associates.zendesk.com
irp.cdn-website.com
lirp.cdn-website.com
region1.analytics.google.com
rtc.multiscreensite.com
static.cdn-website.com
static.zdassets.com
stats.g.doubleclick.net
tag.structuredweb.com
www.gha-associates.com
www.google-analytics.com
www.google.com
www.google.gr
www.googletagmanager.com
www.gstatic.com
104.16.51.111
104.18.70.113
104.18.72.113
108.138.7.63
108.156.0.36
143.204.9.48
174.129.188.71
18.193.36.153
18.66.112.80
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:800::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2003
2a00:1450:400c:c06::9c
3.67.22.251
52.21.134.232
00ec1fceba02e4a33f2f2a601bfcd5d85494c65eee228761c195a188077b5596
06cb5492a1cfe22af70140f9a0eaac8be48b9f023f92451d027fcd1cbe132264
078d19177cf356f1b450ef1698fe13407d675e4558ef25be7526b8a7f99bf652
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0bc9ac8e58698267521a8c17d393c1ca6458114afe6e30e49863208569b0ead0
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1194e6ec4e33a25a7d21667746a06ccd27f15e3f5ecf7b6a07a8d27ce62c527d
19f9bd2c56e13a1adc382fb52bb03abe6ea7284415855adeb244cfce20cca048
1a5c551d5ba0de7a7a02e17897757c35a37b64c9572c764050dbd363f2942a97
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d1de0346e7ff9c546df2f25187101fdd7766862b93b9b57ab50eb418d57a84c
24a0379eaeac3d8de8f2b77a318fef99bae4ef5ca07d2eca39b8a0f3c21911b6
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
27a5364233697dbe4f7c5349587137320c51e17e95115b6c43a7055d64541d23
2fa25c9141c79c34486380e86a61dcbf1938e5e90016bf343221de3e1285268e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40c0820830ffbf3cd8caeb4da070e077c22f5e44c1d5dfe36c4cf45491db6af9
432d3ceb04bc5bb9c94242a57a06211ab0cbe6168af26354223a9b57df4266f0
437da7fb6afabc5c920204b3fbee8cefa595164859de653309c2e4f5236234eb
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4737e970e7344d8bf4ee6760b4a0dd29c21c1899a7c34dbe1e10cb2893834f5a
4ac7afdd83cff3c683276ee9ad56c130edc53da83c3e93166e9a2b5800dad86b
4b8ad07703dbf0d99cae9adba8b69411571ae0bfed0eee691c61cef670ff6d78
4eefd5e5bdbb7025a8de460c165db4066dc878a27435a1e15e3d7ce353a4a961
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
51abbb704fd0a01b4adb401879e8fc1e60ac60f3a5573fd5ad52a5109556d6ab
51f94fd13c2ec9e06d335a967366c39401878a5f1e4166e269017c7f70901494
53b63be2f9ab7f75dd4702ae1f07e7bb82dbdcfb8e6df77c9f173b213c1af912
587fc1c1e943e8763bd2e2ff0be4a0e5efc61181b1a4834c99aac812c5c126a0
604e127bddf35b7a6d7305cf2eb4195536811a298ef4b3e4a35d530f85b0d55d
6b0d92e2f629a84f4dbc435b83d2c8225ed3f961fba2e3a63d41849cd31e4d2d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df509c54af64a8a81d168c1bce4e0bc1d30be5a3206c25e702fea2f33ab7f3f
6f4b9e0f03742901e035245b6a32c104004c3960b41f3db1bfcc557ba1e9ba96
75c6a2dfe2c4802fef56d3176bf050dc3360265af10458e2314ad0987b121c17
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f803337d01a657607bca6b20e06f371c3895b36a5f2be03a8fa9b5e16c9a83e
8172b427a719b7d9a1f703c9e98de718e03d4c3d16b4a0ea30ff7c4dc6c3d1a4
81dc46e91d130a3f91f7ea1891b763142f469f1bdba536af7591c7eb133cbb70
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9815a73ed1c060800ebbb4bb9a9c4d3f65624b28ae1aa15cdd656e320035e813
9850fd95e095357d8c0bb62b4553a8ae9791acf507dc1ea7bde4bd1d5076bb75
996b476077579b6a6451d1ea743d653bfae5845c67adcaa5dbc884e279b1b72a
9d49894c7283158ab1e1bf1e5bfd1e26b1f24605678c2c561b5df29b396535ab
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a0d94dfb86d686fa5c7a0ae58ab81d05e42e026f92113d2037e70bbf37bc5da8
a16b0cacc5c74fb611c58d4db824824c50a457e80f9b96d40ebf850b7eb5773c
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a4b5fa9a4f8d536bbe148727a36588ea2d3db5b60e072fa00ca30b2893f43a81
a7a49a76d85312d8987fa0a45950fe65e1fb5efca87cfcbba7db1d81960af45a
ac5dafdc762b969c2b7bf197c4fee8533fb327c4adfc8b851f99382fba74ac01
b6c21de344daabce545eb2c31251b403435bc7f392647e4fc176e46b40c5c127
ba0c59deb5450f5cb41b3f93609ee2d0d995415877ddfa223e8a8a7533474f07
ba8af58c317cf55fc12374ff5ef439e9b404b4e84ed4bc1942eaf4fcb0cf2d10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd248d4e254118f367b29bee59fb061b3a785dce36e0925017bccaa78a0d3288
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8
cdb1ac36dd2829866f08390c3e81d461cb56d55d2560e64363492ffb5c3403fa
d0320c7745767ebfe8864a99eba0381efd7765615e02938f27f8196907328c5e
d2647b69391c43bb261499c03d1fdf45b6be4eb7b27e404b52fcd73af15172df
d29b8ff027da14dd0cc108b4e81fafd387cb8d87af02a934951afe2c9b64ac66
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
facfd2d9eb6c0506309e84b4115bca26e8ec2d336eaf2624befa0d641fe986fa
fbe03b12661284828eb64167e3780c61b0c3e912c0b88a70835f929ea183a780

www.gha-associates.com Open in urlscan Pro 18.193.36.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

100 %HTTPS

45 %IPv6

15 Domains

20 Subdomains

21 IPs

4 Countries

2389 kBTransfer

7052 kBSize

13 Cookies

4 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gha-associates.com Open in urlscan Pro
18.193.36.153 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

100 %
HTTPS

45 %
IPv6

15
Domains

20
Subdomains

21
IPs

4
Countries

2389 kB
Transfer

7052 kB
Size

13
Cookies

90 HTTP transactions
2 data transactions