5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog Open in urlscan Pro
2a00:1450:4001:806::2001 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrX...
Effective URL:
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Submission: On June 29 via manual (June 29th 2022, 2:58:24 pm UTC) from US — Scanned from DE

Summary HTTP 162 Redirects Behaviour Indicators

Summary

This website contacted 53 IPs in 5 countries across 46 domains to perform 162 HTTP transactions. The main IP is 2a00:1450:4001:806::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog.
TLS certificate: Issued by GTS CA 1C3 on June 6th 2022. Valid for: 3 months.

This is the only time 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.35 167.89.118.35	11377 (SENDGRID) (SENDGRID)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:76b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	173.208.219.12 173.208.219.12	32097 (WII) (WII)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6 55	52.162.218.125 52.162.218.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:800:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:7c00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.74.77.177 3.74.77.177	16509 (AMAZON-02) (AMAZON-02)
2	13.224.189.35 13.224.189.35	16509 (AMAZON-02) (AMAZON-02)
2 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1 3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.51.78.176 52.51.78.176	16509 (AMAZON-02) (AMAZON-02)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.65.187.215 3.65.187.215	16509 (AMAZON-02) (AMAZON-02)
1 1	13.225.78.123 13.225.78.123	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.204.34.148 34.204.34.148	14618 (AMAZON-AES) (AMAZON-AES)
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:95d7:83c7:b563:cce1	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.93.140 54.76.93.140	16509 (AMAZON-02) (AMAZON-02)
1	34.253.150.146 34.253.150.146	16509 (AMAZON-02) (AMAZON-02)
1 2	35.211.178.172 35.211.178.172	() ()
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	13.224.189.115 13.224.189.115	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.55 99.86.4.55	16509 (AMAZON-02) (AMAZON-02)
1	34.250.171.64 34.250.171.64	16509 (AMAZON-02) (AMAZON-02)
162	53

1 167.89.118.35 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x35.outbound-mail.sendgrid.net

u27352119.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:76b (United States)

ASN13335 (CLOUDFLARENET, US)

bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.208.219.12 (United States)

ASN32097 (WII, US)
PTR: salty.sheparddietimportance.us

www.pngitem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 52.162.218.125 (Chicago, United States) 6 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.avera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

t1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:800:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

30531.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:7c00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

p.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.74.77.177 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-74-77-177.eu-central-1.compute.amazonaws.com

69057.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-35.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20770730p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.14 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.78.176 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-78-176.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.187.215 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-187-215.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.123 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-123.fra2.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.34.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-34-148.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:95d7:83c7:b563:cce1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.93.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-93-140.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.150.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-150-146.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 1 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-115.fra2.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-55.fra6.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.171.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	avera.org 6 redirects www.avera.org — Cisco Umbrella Rank: 241277	1 MB
22	gstatic.com www.gstatic.com fonts.gstatic.com t1.gstatic.com	554 KB
10	youtube.com www.youtube.com — Cisco Umbrella Rank: 107 Failed	800 KB
10	google.com 1 redirects translate.google.com — Cisco Umbrella Rank: 1433 play.google.com — Cisco Umbrella Rank: 46 www.google.com — Cisco Umbrella Rank: 8	124 KB
10	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307 translate.googleapis.com — Cisco Umbrella Rank: 1212 fonts.googleapis.com — Cisco Umbrella Rank: 71 jnn-pa.googleapis.com — Cisco Umbrella Rank: 330	142 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1888 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482 tracking.crazyegg.com — Cisco Umbrella Rank: 3393	34 KB
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 436 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	3 KB
5	rfihub.com 2 redirects 20770730p.rfihub.com — Cisco Umbrella Rank: 640161 a.rfihub.com — Cisco Umbrella Rank: 3055 p.rfihub.com — Cisco Umbrella Rank: 775	7 KB
3	teads.tv p.teads.tv — Cisco Umbrella Rank: 6409 cm.teads.tv — Cisco Umbrella Rank: 6765 t.teads.tv — Cisco Umbrella Rank: 2210	7 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 362	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	202 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	607 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 321	107 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 192	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	2 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6279	41 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211	29 KB
2	nftstorage.link bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 457	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 445	377 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 888	183 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1141	191 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1822	109 B
1	rezync.com 1 redirects live.rezync.com — Cisco Umbrella Rank: 1762	790 B
1	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1051	105 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 529	616 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 976	344 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 336	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 5448	548 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 135	37 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 257	3 KB
1	siteimproveanalytics.io 69057.global.siteimproveanalytics.io — Cisco Umbrella Rank: 610077	620 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5238	6 KB
1	tctm.co 30531.tctm.co — Cisco Umbrella Rank: 568174	17 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	40 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3798	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	24 KB
1	pngitem.com www.pngitem.com — Cisco Umbrella Rank: 60606	55 KB
1	translate.goog 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog	6 KB
1	sendgrid.net 1 redirects u27352119.ct.sendgrid.net	400 B
162	46

	Domain	Requested by
55	www.avera.org	6 redirects 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog www.avera.org
13	www.gstatic.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog www.gstatic.com translate.google.com translate.googleapis.com www.youtube.com
10	www.youtube.com	www.avera.org www.googletagmanager.com www.youtube.com
8	fonts.gstatic.com	translate.google.com fonts.googleapis.com www.youtube.com
5	translate.google.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog www.gstatic.com
4	jnn-pa.googleapis.com	www.youtube.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	translate.googleapis.com
3	p.rfihub.com	2 redirects www.avera.org
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com www.youtube.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.avera.org
3	www.googletagmanager.com	www.avera.org www.googletagmanager.com
3	www.google.com	1 redirects www.youtube.com www.avera.org
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects www.avera.org
2	dsum-sec.casalemedia.com	1 redirects www.avera.org
2	idsync.rlcdn.com	www.avera.org
2	dpm.demdex.net	1 redirects www.avera.org
2	ib.adnxs.com	1 redirects www.avera.org
2	solutions.invocacdn.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog solutions.invocacdn.com
2	play.google.com	www.gstatic.com
2	bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	beacon.krxd.net	www.avera.org
1	aa.agkn.com	www.avera.org
1	partners.tremorhub.com	www.avera.org
1	x.dlx.addthis.com	www.avera.org
1	bpi.rtactivate.com	www.avera.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.avera.org
1	contextual.media.net	www.avera.org
1	ps.eyeota.net	www.avera.org
1	pixel.rubiconproject.com	www.avera.org
1	a.rfihub.com	www.avera.org
1	cm.g.doubleclick.net	1 redirects
1	www.google.de	www.avera.org
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	t.teads.tv	www.avera.org
1	cm.teads.tv	p.teads.tv
1	20770730p.rfihub.com	c1.rfihub.net
1	69057.global.siteimproveanalytics.io	www.avera.org
1	p.teads.tv	www.googletagmanager.com
1	c1.rfihub.net	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	30531.tctm.co	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.avera.org
1	fonts.googleapis.com	www.avera.org
1	t1.gstatic.com
1	stackpath.bootstrapcdn.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	ajax.googleapis.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	maxcdn.bootstrapcdn.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	cdnjs.cloudflare.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	code.jquery.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	www.pngitem.com	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1	u27352119.ct.sendgrid.net	1 redirects
162	63

This site contains no links.

Subject Issuer	Validity	Valid
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
nftstorage.link Cloudflare Inc ECC CA-3	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
pngitem.com R3	`2022-05-06` - `2022-08-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.avera.org DigiCert TLS RSA SHA256 2020 CA1	`2021-12-14` - `2023-01-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.tctm.co Amazon	`2021-10-09` - `2022-11-06`	a year	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
invocacdn.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-24` - `2023-05-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
rtactivate.com Amazon	`2022-04-13` - `2023-05-12`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-26` - `2023-03-01`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
crazyegg.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Frame ID: 2A62F4FBD86A169427D3F5EC350CB167
Requests: 24 HTTP requests in this frame

Frame: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Frame ID: 059E14F7E8944E7709EFD9A2E220A282
Requests: 14 HTTP requests in this frame

Frame: https://www.avera.org/
Frame ID: 03EFD396655F97B2F645349A4DFA1B97
Requests: 85 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4
Frame ID: 8BBA720D2EDE13D5DDE942A63F32DCF7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Frame ID: CD539D75BE571698751E20E5505C8464
Requests: 20 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&ra=7783090647930757
Frame ID: C8ACC6BB239BB18FC2A8CE8A43BEE1C1
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Portal Login - avera.org

Page URL History Show full URLs

https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXh... HTTP 302
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_p... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

162
Requests

87 %
HTTPS

50 %
IPv6

46
Domains

63
Subdomains

53
IPs

5
Countries

3391 kB
Transfer

8549 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrXdWWTtQJtar7d5f45LKMUDkQsF-2FhCOZ1yqNe3s6XzNjygGMsgA5GocRr6RXqtxW4PVFk-2Fpd4dvCNbIBWK4BuFppc8wj6wYdWWkKWGexqKkSDY9kS1UfXnqeVFTSWVDo5tEXEx0GIw-2BcXzdvgg3OprL-2Fex9yzyifJMTqTht070mPU8wLCFudjCq9Ewbt-2FqqlFvl5ULc1g-3D-3DSv0r_W6Mci6KC7SLORUNnS9C6o4WgYeOPz8ITfV-2BeYUOJcPOwivBxTGzXtr3e9yK8u2b-2BbgWruc7fr3-2BSs9eT06U7ngV5PGhOw5-2Fcbled9wG65x08o3xc34b3cBUdr0g9uczeR4MXjf5UCrkHSO6otQD5vOjypjd4dL8ocCmbvkzLbb46vBn6mzVmLnJle4td6ZrE-2FhC-2BAtOY2esQnRyNZD8qVNgWsKqlUiI8CsvskjIPt-2B8-3D HTTP 302
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.google.com/s2/favicons?domain=avera.org HTTP 301
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

Request Chain 65

https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small

Request Chain 66

https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small

Request Chain 67

https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small

Request Chain 100

https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg HTTP 302
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg

Request Chain 101

https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg HTTP 302
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg

Request Chain 102

https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg HTTP 302
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg

Request Chain 121

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 134

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMDk1NzkyOTY2OQ==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1

Request Chain 135

https://ib.adnxs.com/setuid?entity=18&code=5141210820957929669 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669

Request Chain 137

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210820957929669&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=

Request Chain 138

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0

Request Chain 141

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210820957929669&referrer=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3dc72d9-49c3-470f-af3d-7885b0879638%253A1656514702.82 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82

Request Chain 143

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1

Request Chain 146

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406

Request Chain 150

https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210820957929669&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YrxojgAMcC1ZTgAj HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj

162 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Redirect Chain

https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrXdWWTtQJtar7d5f45LKMUDkQsF-2FhCOZ1yqNe3s6XzNjygGMsgA5GocRr6RXqtxW4PV...
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

15 KB
6 KB

237ms
187ms

Document
text/html

2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

567e696f9b3ede076143a8f5931e4b5951ef0d4404456addbfdaf416ec02746e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-security-policy: frame-ancestors *.translate.goog
content-type: text/html
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 29 Jun 2022 14:58:19 GMT
expires: Wed, 29 Jun 2022 14:58:19 GMT
last-modified: Wed, 29 Jun 2022 14:49:26 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: ESF
x-content-type-options: nosniff
x-robots-tag: none
x-xss-protection: 0

Redirect headers

Connection: keep-alive
Content-Length: 235
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Jun 2022 14:58:18 GMT
Location: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#lisa.baumberger@avera.org
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 404 jquery-1.11.1.min.js.download
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/ 0
0 508ms
478ms Script
text/plain 2606:4700::6812:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/jquery-1.11.1.min.js.download
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 m=ajaxproxy Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/ 70 KB
25 KB 58ms
23ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=ajaxproxy

Requested by

Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

564d2d9cb1733785392951d9805f002539677fc01730f7a5bc51fa8c6cc4d542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24486
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 03:20:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 20:14:48 GMT

GET
H2 200 m=navigationui Show response
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/ 24 KB
10 KB 62ms
27ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=navigationui

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d96a1eaf45053f482af9839786a143baf958b5351593921477009d8b460cac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9999
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 03:20:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 20:14:48 GMT

GET
H2 404 favicons
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/ 0
0 250ms
250ms Image
text/plain 2606:4700::6812:76b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/favicons
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK 26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
www.pngitem.com/pimgs/m/ 55 KB
55 KB 794ms
528ms Image
image/png 173.208.219.12
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngitem.com/pimgs/m/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.208.219.12 , United States, ASN32097 (WII, US),
Reverse DNS: salty.sheparddietimportance.us
Software: nginx/1.14.0 /
Resource Hash: 42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Last-Modified: Tue, 15 Oct 2019 13:09:45 GMT
Server: nginx/1.14.0
ETag: "5da5c519-db2d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56109

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 32ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-10fdd"
vary: Accept-Encoding
x-hw: 1656514699.dop101.fr8.t,1656514699.cds163.fr8.hn,1656514699.cds257.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 23856

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 43ms
26ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1693467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6157
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tpsXgyNw2ktBHfGSCzcBgBqDZDNX9qRd94Ja1EyU8PUmbdJxW5u8Whxw356jDpCtsRm2CaLZCSZBLnABfyjxrcykLdLl%2BWu5a96MOC2IXPtE0AwFbl7lfFEnef4%2BFhX2My5LA15aw6DqTzAgcy99fZ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 722f85068de45c74-FRA
expires: Mon, 19 Jun 2023 14:58:19 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 38ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
age: 481
cdn-cachedat: 03/10/2022 17:24:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 09a48bd996077374c61abe3df4d211bf
cf-ray: 722f8506ccf99055-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 54ms
16ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Jun 2023 14:39:07 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
15 KB 36ms
18ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 10455578
cdn-cachedat: 11/15/2021 23:30:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cf-ray: 722f85077c88915f-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 element.js Show response
translate.google.com/translate_a/ 76 KB
27 KB 80ms
31ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-US&client=wt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50e3ddb1150ec53e199960f53c985fd366459cd235e3493f8220ad5eea1bc8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lazy.min.js Show response
www.gstatic.com/feedback/js/help/prod/service/ 91 KB
33 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=navigationui

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0100a76311bfe891d95a47a600573d31b0f29f9e807abe1c73cfbd7a8616b55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33171
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 21:24:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="product-feedback-gathering"
vary: Accept-Encoding, Origin
report-to: {"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:05:40 GMT

GET
H2 200 websitetranslationui Show response
translate.google.com/ Frame 059E 579 KB
83 KB 53ms
47ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2815abcc1ebbaef289b2c054f6e9c342781a29fed7606f0a756f51e11e06a205

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog script-src 'report-sample' 'nonce-3mMzRkZgptAifGZvR12uPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
X-Xss-Protection	0

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog script-src 'report-sample' 'nonce-3mMzRkZgptAifGZvR12uPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 29 Jun 2022 14:58:19 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 558 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 65ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3130
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 19:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 29 Jun 2022 15:43:43 GMT

GET
H2 200 m=el_main Show response
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpI0y65WcxoTVDaXDL12huAmUnKBQ/ 224 KB
76 KB 66ms
15ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpI0y65WcxoTVDaXDL12huAmUnKBQ/m=el_main

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 17:23:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78029
x-xss-protection: 0
last-modified: Sat, 25 Jun 2022 03:20:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="rosetta"
vary: Accept-Encoding
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 17:23:12 GMT

POST
H3 204 cspreport
translate.google.com/_/TranslateWebserverWebsiteTranslationUi/ Frame 059E 0
28 B 34ms
34ms Other
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.google.com/_/TranslateWebserverWebsiteTranslationUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-W-rvA0Bv1I9mqT1QjfEZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateWebserverWebsiteTranslationUi"
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateWebserverWebsiteTranslationUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateWebserverWebsiteTranslationUi/external"}]}
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-W-rvA0Bv1I9mqT1QjfEZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4c... Frame 059E 167 KB
58 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r

Requested by

Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b40c01e08b557027b0a8bdef7b5eb4987159fc993f619fd2d476548fdedb389e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:00:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59809
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 22:26:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:00:53 GMT

GET
H3 200 googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 059E 2 KB
688 B 21ms
21ms Image
image/svg+xml 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 663
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 28 Jun 2023 20:55:12 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v6/ Frame 059E 6 KB
3 KB 55ms
14ms Image
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v6/24px.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:20:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153481
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3340
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 09:57:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 20:20:18 GMT

GET
H2 200 32px.svg
fonts.gstatic.com/s/i/productlogos/translate/v6/ Frame 059E 6 KB
4 KB 53ms
13ms Image
image/svg+xml 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/translate/v6/32px.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99294fad3e114681d7504cad26b5d425bf7bb98c82bb4abce603e145ba2e3e17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3169
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 09:57:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Jun 2023 20:20:29 GMT

GET
H2 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v9/ Frame 059E 31 KB
31 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.google.com/
Origin: https://translate.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:01:10 GMT
x-content-type-options: nosniff
age: 79029
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31568
x-xss-protection: 0
last-modified: Mon, 15 Aug 2016 20:30:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:01:10 GMT

GET
H2 200 kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v139/ Frame 059E 158 KB
159 KB 65ms
28ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialiconsextended/v139/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6553190991765f48d49b0ebb1e6aca187e6e73a9fdcca36d469cf2959fde3ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.google.com/
Origin: https://translate.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 20:03:37 GMT
x-content-type-options: nosniff
age: 68082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162060
x-xss-protection: 0
last-modified: Tue, 24 May 2022 18:28:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 20:03:37 GMT

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,VWuaCc,CXs... Show response
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E 240 KB
85 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,VWuaCc,CXsKQe,s39S4,lwddkf,gychg,w9hDv,RMhBfe,SdcwHb,aW3pY,P5Thrf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,PQaYAf,JNoxi,BVgquf,lPKSwe,QIhFr,yDVVkb,hc6Ubd,KG2eXe,SpsfSb,MdUzUe,VwDzFe,zbML3c,A7fCU,Uas9Hd,pjICDe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c29508e47b449f9003988bf14aa818b0ae6bb835f71684ed1e1dd3d9cb3ae1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87186
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:00:58 GMT

GET
H3 204 gen204
translate.google.com/ 0
24 B 32ms
31ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20220627

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5598pcV68_p2MVarHh0dYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: image/gif; charset=us-ascii
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5598pcV68_p2MVarHh0dYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 846 B
870 B 15ms
15ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:16:07 GMT
x-content-type-options: nosniff
age: 2532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 846
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Jun 2023 14:16:07 GMT

GET
H3 200 m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,wg1P6b,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,tsNC9c,JWUKXe,soHxf,qNG0Fc,HwavCb,JzDP5e,qRXAtf,yRXbo,ywOR5c,thZ3rf,L2d1X,rFVO7,QM0Gm,W225x,cSdwA Show response
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E 203 KB
60 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PQaYAf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VWuaCc,VwDzFe,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,lPKSwe,lsjVmc,lwddkf,n73qwf,pKzUve,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,wg1P6b,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,tsNC9c,JWUKXe,soHxf,qNG0Fc,HwavCb,JzDP5e,qRXAtf,yRXbo,ywOR5c,thZ3rf,L2d1X,rFVO7,QM0Gm,W225x,cSdwA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b96eea12a95503b938e26be81037a78006b1ffe000ec6c2aa69a026caab7b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61228
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:00:29 GMT

GET
H3 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:39:30 GMT
x-content-type-options: nosniff
age: 1129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1842
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 29 Jun 2023 14:39:30 GMT

POST
H3 200 t Show response
translate.googleapis.com/translate_a/ 434 B
312 B 74ms
33ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20220627&sl=auto&tl=en&tc=1&sr=1&tk=13979.472053&mode=1

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7cca7f579302e4c17877cd5c652d7fe8b139853077f182dcbae1ef917911ff94

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-UgJSFoQkwsdHe8YPoeUT7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-UgJSFoQkwsdHe8YPoeUT7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E 1 KB
692 B 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,DFTXbf,EFQ78c,GkRiKb,HwavCb,IZT63,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PHUIyb,PQaYAf,PrPYRd,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VWuaCc,VwDzFe,W225x,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,blwjVc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,lPKSwe,lsjVmc,lwddkf,m9oV,n73qwf,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,soHxf,t1sulf,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfdeb7581f3fd1c3939c601fddbdff2dd2dd390ae39b29dc1f5239b412699fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:01:30 GMT

GET
H3 204 gen204
translate.google.com/ 0
25 B 30ms
28ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://translate.google.com/gen204?sl=auto&tl=en&textlen=30&ttt=107&ttl=122&sr=1&nca=te_time&client=wt_lib&logld=vTE_20220627

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-D-RLWs5AADE0OHACXqaIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateApiHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type: image/gif; charset=us-ascii
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-D-RLWs5AADE0OHACXqaIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E 6 KB
3 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,DFTXbf,EFQ78c,GkRiKb,HwavCb,IZT63,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PHUIyb,PQaYAf,PrPYRd,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VWuaCc,VwDzFe,W225x,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,blwjVc,bm51tf,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,lPKSwe,lsjVmc,lwddkf,m9oV,n73qwf,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,soHxf,t1sulf,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

186229667fb519d86383ff429d1582e42121110ca5836aa9d2524cdfffa35934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://translate.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 19:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2811
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 03:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 19:01:31 GMT

POST
H2 200 log Show response
play.google.com/ Frame 059E 131 B
675 B 73ms
24ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://translate.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 14:58:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://translate.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 29 Jun 2022 14:58:20 GMT

GET
H/1.1 200
OK / Show response
www.avera.org/ Frame 03EF 44 KB
16 KB 762ms
477ms Document
text/html 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 15eae2666ea93ea9efacf3498c02bcf8c3b615d22f1653d31504a726a73ca3b3

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 15653
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Jun 2022 14:58:20 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge,chrome=1

GET
H2

200

faviconV2
t1.gstatic.com/
Redirect Chain

https://www.google.com/s2/favicons?domain=avera.org
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

792 B
1 KB

75ms
25ms

Image
image/png

2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16

Protocol

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 792
x-xss-protection: 0
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-location: https://www.avera.org/favicon.ico
expires: Wed, 06 Jul 2022 14:58:20 GMT

Redirect headers

date: Wed, 29 Jun 2022 14:58:20 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Wed, 29 Jun 2022 15:28:20 GMT

POST
H3 200 t Show response
translate.googleapis.com/translate_a/ 20 B
75 B 97ms
97ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20220627&sl=auto&tl=en&tc=1&dom=1&sr=1&tk=574745.1032311&mode=1

Requested by

Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f168283e82e4fd2fa8adcf4081f0fb941f18eddfbbbd8f79acbad95d08a891c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-qmFM23fMKQm-6L9fsD9CIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 14:58:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="TranslateApiHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-qmFM23fMKQm-6L9fsD9CIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log Show response
play.google.com/ Frame 059E 131 B
155 B 75ms
45ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://translate.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 14:58:20 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: https://translate.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/plain; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Wed, 29 Jun 2022 14:58:20 GMT

GET
H/1.1 200
OK default.css
www.avera.org/css-min/ Frame 03EF 24 KB
8 KB 220ms
118ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/default.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 17:07:35 GMT
Server: Microsoft-IIS/8.5
ETag: "80251be6ec87d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7937
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.css
www.avera.org/css-min/ Frame 03EF 87 KB
26 KB 340ms
119ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/client.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 17:07:35 GMT
Server: Microsoft-IIS/8.5
ETag: "80251be6ec87d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 26216
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.css
www.avera.org/css-min/ Frame 03EF 294 KB
72 KB 359ms
135ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/avera.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 17:07:35 GMT
Server: Microsoft-IIS/8.5
ETag: "80251be6ec87d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 72982
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK home.css
www.avera.org/css-min/templates/ Frame 03EF 5 KB
3 KB 353ms
128ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/templates/home.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 17:07:44 GMT
Server: Microsoft-IIS/8.5
ETag: "725ee5ebec87d81:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2160
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.avera.org/scripts/ Frame 03EF 93 KB
47 KB 362ms
136ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-1.11.3.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 16:24:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0d071cfe687d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 47758
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.avera.org/scripts/ Frame 03EF 7 KB
5 KB 356ms
128ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:36 GMT
Server: Microsoft-IIS/8.5
ETag: "0b230558c61d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4079
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 03EF 150 KB
67 KB 370ms
140ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 29 Jun 2023 13:00:12 GMT
Cache-Control: public
Content-Length: 68352
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 03EF 14 KB
4 KB 458ms
117ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 29 Jun 2023 14:00:32 GMT
Cache-Control: public
Content-Length: 3308
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 css2
fonts.googleapis.com/ Frame 03EF 26 KB
2 KB 60ms
25ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 14:44:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Jun 2022 14:58:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Jun 2022 14:58:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 03EF 101 KB
39 KB 79ms
36ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9663759

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95a003b9b3ad227ee54a136875f3a4e7a9be2123d8d1b8cbe71f64cafc989c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39947
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ Frame 03EF 8 KB
8 KB 237ms
165ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-rev-white.png
www.avera.org/imgs/ Frame 03EF 6 KB
6 KB 120ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-rev-white.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6225
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-chart.png
www.avera.org/imgs/ Frame 03EF 6 KB
7 KB 254ms
123ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-chart.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6373
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK search-icon2x.png
www.avera.org/imgs/icons/ Frame 03EF 2 KB
2 KB 237ms
152ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/search-icon2x.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2084
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 03EF 23 KB
7 KB 118ms
118ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637814437746327080
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/x-javascript
Expires: Thu, 29 Jun 2023 13:00:22 GMT
Cache-Control: public
Content-Length: 6768
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.js Show response
www.avera.org/scripts/ Frame 03EF 42 KB
16 KB 119ms
119ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/client.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 3218dc61f50c1f2dfb0d475b05d2645149c4dea7d416bff22c8af6a975503361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 16:24:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0d071cfe687d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 16381
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ Frame 03EF 4 KB
1 KB 157ms
156ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=xOX35DcLGnQUQWyGiY1yPWRICwmw97Rz5mvhBxjeimDlkJbQ6UPJ10mO-dBfvKY9WSY3c6Dxgi_lUKjJpgWIr7yYJFjWU7QMv_O1ThF5DA7oUI65MlcUmSo1v7IrDc2G5kkx361X74lvmaeT3M2pqPl-pYNYZ_Ld0skuvebBwR-L_QX7kzOYJGwXzf0IRQTrHfWqi4lYXsuAENE1yS7plQ2&t=637874496180000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 May 2022 21:00:18 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Thu, 29 Jun 2023 12:43:31 GMT
Cache-Control: public
Content-Length: 1137
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ Frame 03EF 100 KB
36 KB 157ms
154ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=49337fe8
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 14:00:33 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 37031
Expires: Thu, 29 Jun 2023 14:00:33 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ Frame 03EF 39 KB
14 KB 158ms
155ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=49337fe8
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Jun 2022 12:43:31 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 14430
Expires: Thu, 29 Jun 2023 12:43:31 GMT

GET
H/1.1 200
OK Homepage-.jpg
www.avera.org/app/files/public/72701/ Frame 03EF 119 KB
119 KB 126ms
126ms Image
image/jpeg 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/72701/Homepage-.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Wed, 05 Jan 2022 16:07:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="Homepage-.jpg"
Content-Length: 121740
Expires: Wed, 29 Jun 2022 15:03:22 GMT

GET
H/1.1 200
OK covid-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 9 KB
9 KB 118ms
117ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/covid-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 8848
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK billpay-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 5 KB
5 KB 123ms
122ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/billpay-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4772
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK records-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 1 KB
2 KB 117ms
117ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/records-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1525
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK greeting-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 2 KB
2 KB 124ms
123ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/greeting-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2163
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK prayer-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 2 KB
3 KB 123ms
123ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/prayer-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2418
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK donate-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 2 KB
2 KB 217ms
116ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/donate-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2215
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK employment-icon.svg
www.avera.org/imgs/icons/ Frame 03EF 4 KB
4 KB 224ms
127ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/employment-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:04 GMT
Server: Microsoft-IIS/8.5
ETag: "0e410aee687d81:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4050
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

feeding-south-dakota-food-truck-volunteers.jpg
www.avera.org/app/files/public/82919/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg?size=small
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small

2 KB
2 KB

126ms
126ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9a02cca8bf04f3f52aeb08f142a1e18e10cb0f5d65c184f8cf9800399c2b4c44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Sun, 26 Jun 2022 18:04:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="feeding-south-dakota-food-truck-volunteers.jpg"
Content-Length: 1559
Expires: Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
Cache-Control: private
Content-Length: 198
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

family-and-healthcare-concept.jpg
www.avera.org/app/files/public/82918/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg?size=small
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small

1 KB
2 KB

137ms
137ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c74f0894ecff00c8d7de8177b63bc6a12326738c0e3d2f55367da3b69ffca4d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Sun, 26 Jun 2022 14:57:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="family-and-healthcare-concept.jpg"
Content-Length: 1331
Expires: Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82918/family-and-healthcare-concept.jpg?size=small
Cache-Control: private
Content-Length: 185
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

medical-staff-discussion-at-nurses-station.jpg
www.avera.org/app/files/public/79135/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg?size=small
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small

1 KB
2 KB

133ms
132ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 29f6bed3647112061811f999ca81614c27688f8f01bdba3d7287a9c8836a67ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Sun, 27 Dec 2020 17:53:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="medical-staff-discussion-at-nurses-station.jpg"
Content-Length: 1532
Expires: Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
Cache-Control: private
Content-Length: 198
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK Behavioral-Health-Addition-Exterior-Photo-Medium.png
www.avera.org/app/files/public/82485/ Frame 03EF 383 KB
384 KB 133ms
131ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82485/Behavioral-Health-Addition-Exterior-Photo-Medium.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Sun, 10 Apr 2022 14:33:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/png
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="Behavioral-Health-Addition-Exterior-Photo-Medium.png"
Content-Length: 392454
Expires: Wed, 29 Jun 2022 15:03:22 GMT

GET
H/1.1 200
OK movinghealthforward_tagline_72.png
www.avera.org/app/files/public/82030/ Frame 03EF 3 KB
4 KB 145ms
145ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Sun, 09 Jan 2022 16:59:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/png
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="movinghealthforward_tagline_72.png"
Content-Length: 3572
Expires: Wed, 29 Jun 2022 15:03:22 GMT

GET
H/1.1 200
OK facebook-gray.png
www.avera.org/imgs/ahp/ Frame 03EF 797 B
1 KB 120ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 797
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter-gray.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
2 KB 117ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2116
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube-gray.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
2 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1569
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest-gray.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
3 KB 118ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2338
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin-gray.png
www.avera.org/imgs/ahp/ Frame 03EF 1 KB
2 KB 118ms
118ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-reversed.png
www.avera.org/imgs/ Frame 03EF 5 KB
6 KB 121ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-reversed.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 5571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.js Show response
www.avera.org/scripts/ Frame 03EF 94 KB
35 KB 158ms
155ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/avera.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 81bae4acb15f38092d128a317dcb99da47f27a83eebeb5a9e6e4f8364afe9877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 16:24:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0d071cfe687d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 35223
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 03EF 369 KB
92 KB 109ms
68ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4e8f5dd6a9303272e072a91dca59a98045daf7df832aaf76e2104899f7f24a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94303
x-xss-protection: 0
last-modified: Wed, 29 Jun 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H2 200 siteanalyze_69057.js Show response
siteimproveanalytics.com/js/ Frame 03EF 14 KB
6 KB 72ms
35ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 703QY0VVV992ZS6A
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5127
x-amz-id-2: eNbL1kGOeSXpJ13jIfKHmHpgZlRW1wdJHJuP0TuO59N3XTPTWXR6Z/0zQbJk/cUrBHnHNLbYouM=
last-modified: Mon, 16 May 2022 09:44:16 GMT
server: cloudflare
etag: "0db568765387ecbf4ebab6b1396d61c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhoQJ6NNV8KPmyRU3K1GifFXVgl%2BP9QFJyHIm4Qaet44199ih5QYk8VJ%2FuiUc%2FqKzb4%2BoMimdm0W6tPdGsXK8Smz9Dcgbu%2BYQaodVS9Yw3WS6J3fEzRoF1SQh67mcGPF1EWug8e4SFsDp%2FRfwnVa8motlQgogWg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 722f85179b7a91f6-FRA

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF 15 KB
15 KB 67ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 166717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:39:45 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF 15 KB
16 KB 62ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 108760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 08:45:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 03EF 197 KB
70 KB 61ms
31ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6a58f48b5e3335c415ae481226ebc52a48098d3cd9cec7a65ec654584165140

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72015
x-xss-protection: 0
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ Frame 03EF 105 KB
40 KB 93ms
26ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MXB48L7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34213b385cae7b707f5728b6e2a2a8226e45723ea56aa0496c3b34e5582dc439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40905
x-xss-protection: 0
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H2 200 0056.js Show response
script.crazyegg.com/pages/scripts/0031/ Frame 03EF 6 KB
2 KB 392ms
365ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5c15be80ca89a8b5cb49082e802a4acfd48f287903244775b758774f43f82dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 722f8518d8f89be8-FRA
ce-version: 11.1.455
content-length: 2058
last-modified: Wed, 29 Jun 2022 14:58:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 03EF 39 KB
15 KB 343ms
294ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15000
x-xss-protection: 0
server: cafe
etag: 15252473734373555178
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 03EF 38 KB
12 KB 64ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F22E2DEA3DA5431988F9E3D394A672B4 Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 29 Jun 2022 14:58:21 GMT
accept-ranges: bytes
content-length: 11374

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 03EF 49 KB
20 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6813
date: Wed, 29 Jun 2022 13:04:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Jun 2022 15:04:49 GMT

GET
H2 200 t.js Show response
30531.tctm.co/ Frame 03EF 52 KB
17 KB 85ms
26ms Script
application/x-javascript 2600:9000:21f3:800:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: b3d33f918be446899524f68104ed45a66e89ac2e342e60b285fb81106b970eb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 14:58:22 GMT
server: ctm
x-amz-cf-pop: FRA2-C2
etag: W/62bc688e00007743165633cc-30531
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: ujfpeQt9N1c-rXd11ULIPJf-x3dUtvch1xfnhrhH7Qx5Xk5_TveEMA==

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame 03EF 19 KB
6 KB 54ms
8ms Script
application/x-javascript 2600:9000:21f3:7c00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:7c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:20:32 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 14:20:22 GMT
server: Jetty(9.3.29.v20201019)
age: 2270
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: 8gRD7YcJUWxyHTkoTUss3J9yaqeF_p-0J8BIVy7TJRQB_wOBdj3pKw==
expires: Wed, 29 Jun 2022 15:20:32 GMT

GET
H/1.1 200
OK teads-fellow.js Show response
p.teads.tv/ Frame 03EF 17 KB
6 KB 59ms
8ms Script
application/javascript 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.teads.tv/teads-fellow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Wed, 29 Jun 2022 14:58:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 07:41:03 GMT
Server: AmazonS3
x-amz-request-id: 8PQNK1VCV7GN975Y
ETag: "a483ab54f15ef5b4755923baf02b68cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=283
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5706
x-amz-id-2: 2wk7ipVCtLQYwH7fCZEJ1wPx6x0QD/pfs30lsNdPGZa5JBcAbHaO7k0EXFo1p33LjZdjhr47OMA=

GET TKqKSCG_tk4
www.youtube.com/embed/ Frame 8BBA 0
0

GET
H/1.1 200
OK light-pattern.png
www.avera.org/imgs/ Frame 03EF 2 KB
2 KB 220ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/light-pattern.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2194
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK facebook.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
2 KB 116ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2065
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
2 KB 117ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2049
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube.png
www.avera.org/imgs/ahp/ Frame 03EF 3 KB
4 KB 118ms
118ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 3571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest.png
www.avera.org/imgs/ahp/ Frame 03EF 2 KB
2 KB 117ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2270
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin.png
www.avera.org/imgs/ahp/ Frame 03EF 1 KB
1 KB 117ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1225
X-UA-Compatible: IE=Edge,chrome=1

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF 15 KB
15 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.avera.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 157827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Jun 2023 19:07:55 GMT

GET TKqKSCG_tk4
www.youtube.com/embed/ Frame CD53 0
0

GET
H/1.1 200
OK arrow-up-circle.png
www.avera.org/imgs/ Frame 03EF 1 KB
2 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/arrow-up-circle.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/client.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/client.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Fri, 24 Jun 2022 16:23:02 GMT
Server: Microsoft-IIS/8.5
ETag: "0b7dface687d81:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1326
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

feeding-south-dakota-food-truck-volunteers.jpg
www.avera.org/app/files/public/82919/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg

89 KB
90 KB

124ms
123ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 3605c1411f79957f27d1dae87686ce0c6cc0f887cbf5c08c4208d329db7403d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Sun, 26 Jun 2022 18:04:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="feeding-south-dakota-food-truck-volunteers.jpg"
Content-Length: 91582
Expires: Wed, 29 Jun 2022 15:03:23 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
Cache-Control: private
Content-Length: 187
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

family-and-healthcare-concept.jpg
www.avera.org/app/files/public/82918/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg

52 KB
53 KB

126ms
126ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 81a8a5fa403010e18fcfd0d01a5209c195c3793caa948afe645c7f3aebbd73f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified: Sun, 26 Jun 2022 14:57:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="family-and-healthcare-concept.jpg"
Content-Length: 53641
Expires: Wed, 29 Jun 2022 15:03:23 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/82918/family-and-healthcare-concept.jpg
Cache-Control: private
Content-Length: 174
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

medical-staff-discussion-at-nurses-station.jpg
www.avera.org/app/files/public/79135/ Frame 03EF
Redirect Chain

https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg

86 KB
86 KB

127ms
127ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 38a2e967771266d9d1906db3586b9fecb915af15f2b6c472ac6f7f92661a7e14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified: Sun, 27 Dec 2020 17:53:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="medical-staff-discussion-at-nurses-station.jpg"
Content-Length: 88039
Expires: Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date: Wed, 29 Jun 2022 14:58:21 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
Cache-Control: private
Content-Length: 187
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK image.aspx
69057.global.siteimproveanalytics.io/ Frame 03EF 34 B
620 B 84ms
10ms Image
image/gif 3.74.77.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://69057.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&title=Avera%20Health&res=1600x1200&accountid=69057&rt=1736&prev=0933de89-7684-1c2a-55d3-af448665d7aa&luid=ac0e08ba-face-6d7f-f05f-86ee67278e60&rnd=9092
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.74.77.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-74-77-177.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Wed, 29 Jun 2022 14:58:22 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ Frame 03EF 124 KB
40 KB 75ms
11ms Script
text/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: kkx8cmGgooMGeimwW4In93s6hIJC6Azb
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 21:07:42 GMT
server: AmazonS3
age: 1921
etag: W/"1f44d59b4ca2d82abb2911699e1698a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Wed, 29 Jun 2022 14:26:25 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: E5ZsIsIVeuWj-4pXHMak5Q44iJryzXPYpeDSfNMS7FuERG6vNSP0JQ==

GET
H/1.1 200
OK slick.js Show response
www.avera.org/scripts/ Frame 03EF 42 KB
16 KB 131ms
131ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/slick.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 16:24:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0d071cfe687d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 15758
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 TKqKSCG_tk4 Show response
www.youtube.com/embed/ Frame CD53 64 KB
26 KB 77ms
76ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1d2352b99cafa21c1b9154bdc16a52dfde107822627759316eceae124ad830f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 29 Jun 2022 14:58:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 03EF 980 B
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0217441ee1280cf8b94315b6410c28f97dac9d4e80985c5d1528de90c0745187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H/1.1 200
OK ca.html Show response
20770730p.rfihub.com/ Frame C8AC 3 KB
3 KB 135ms
27ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&ra=7783090647930757
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 0f2b55267e19c1138152ab60d3ea4bc0f56277ac2b60d7c35caf88b8648fa38a

Request headers

Referer: https://www.avera.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2674
Content-Type: text/html;charset=utf-8
Date: Wed, 29 Jun 2022 14:58:22 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 204 13006411.js Show response
bat.bing.com/p/action/ Frame 03EF 0
135 B 253ms
253ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13006411.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B712446C2824413B9F1529D3B0A40C7D Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 29 Jun 2022 14:58:21 GMT

GET
H2 204 0
bat.bing.com/action/ Frame 03EF 0
175 B 36ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=77cf5d52-2466-4e8a-b074-0f05eeb35b18&sid=eb8629b0f7bb11eca595498ad35dfe78&vid=eb866940f7bb11ecbb12993e1737c22a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Avera%20Health&p=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&r=&lt=1734&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=291018

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5E1A6D8CA6F8454587C799734B49BC20 Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
date: Wed, 29 Jun 2022 14:58:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK advertiser Show response
cm.teads.tv/v2/ Frame 03EF 80 B
423 B 88ms
35ms Fetch
application/json 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.avera.org%2F&buyer_pixel_id=4963
Requested by: Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 14:58:22 GMT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.avera.org
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 80
Expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/60c2da65/www-widgetapi.vflset/ Frame 03EF 155 KB
50 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:57:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51402
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Jun 2023 14:57:16 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1842/1248633193/ Frame 03EF 3 KB
1 KB 403ms
403ms Script
text/javascript 13.224.189.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-35.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: og8LYy4F7wYsj7xWF5dblQTTolj4Jr4r
content-encoding: gzip
last-modified: Fri, 03 Jun 2022 20:39:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"91458637d9d9d3064f357ca4faab79db"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Wed, 29 Jun 2022 14:58:23 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: 0fiLrru5J-vvEm9yP72hq5_6BOc52_hoDzRIjRbstze57KtRmJkRNQ==

GET
H3 200 www-player.css
www.youtube.com/s/player/60c2da65/ Frame CD53 339 KB
47 KB 23ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47636
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Jun 2023 01:50:56 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/60c2da65/www-embed-player.vflset/ Frame CD53 301 KB
93 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95238
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Jun 2023 13:09:32 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53 2 MB
535 KB 33ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547314
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:48:48 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/ Frame CD53 9 KB
3 KB 32ms
23ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 21:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61617
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Jun 2023 21:51:25 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD53 15 KB
15 KB 16ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 78701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

GET
H2 200 track
t.teads.tv/ Frame 03EF 23 B
143 B 130ms
39ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.4_dee72da&buyer_pixel_id=4963&referer=https%3A%2F%2Fwww.avera.org%2F&cohort_id=Avera%20Health
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ Frame 03EF 2 KB
1 KB 85ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1656514702541&cv=9&fst=1656514702541&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b238bb6f61a09ba478c37daad75f8e01f21c0a8666183a3a771093cb0c75e003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame CD53
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

59ms
23ms

XHR
application/json

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5f7b369cfa7395e7b156e5860c348f0a65764ff9571652cb004340c3b92b180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame CD53 29 B
587 B 61ms
15ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:49:42 GMT
x-content-type-options: nosniff
age: 520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 15:04:42 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
30ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 14:58:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD53 63 KB
29 KB 62ms
30ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f388d46554174951340c9c65a87cf902c82ec409bb572113add1e6c5b67f149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29966
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53 119 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37797
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:48:48 GMT

GET
H3 200 486y80sSt9Sf0OH0l2rh2a_Yw0NOdz-g3SKVK3WgbS0.js Show response
www.google.com/js/th/ Frame CD53 36 KB
14 KB 62ms
25ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/486y80sSt9Sf0OH0l2rh2a_Yw0NOdz-g3SKVK3WgbS0.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3ceb2f34b12b7d49fd0e1f4976ae1d9afd8c3434e773fa0dd22952b75a06d2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13912
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 29 Jun 2023 13:17:30 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53 27 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 151652
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8115
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:50:50 GMT

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/data-scripts/0031/ Frame 03EF 14 KB
2 KB 182ms
167ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d80d61b07064b516b4a794ec7fc0ed401aa1ff0afa689017cdc55e6b85ff6d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 722f851bcdd0914a-FRA
ce-version: 11.1.455
content-length: 2057
last-modified: Wed, 29 Jun 2022 14:58:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame CD53 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD53 3 KB
3 KB 60ms
13ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 12:31:43 GMT
x-content-type-options: nosniff
age: 8799
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2727
x-xss-protection: 0
server: fife
etag: "v85"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 14 Jun 2022 14:56:26 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/TKqKSCG_tk4/ Frame CD53 37 KB
37 KB 84ms
28ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/TKqKSCG_tk4/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37746
x-xss-protection: 0
server: sffe
etag: "1640012890"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 16:58:22 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1060691714/ Frame 03EF 42 B
64 B 33ms
27ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060691714/?random=1656514702541&cv=9&fst=1656511200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=4045782179&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1060691714/ Frame 03EF 42 B
548 B 70ms
27ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060691714/?random=1656514702541&cv=9&fst=1656511200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=4045782179&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame C8AC
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMDk1NzkyOTY2OQ==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1

42 B
1010 B

65ms
16ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C8AC
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5141210820957929669
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669

43 B
1 KB

17ms
17ms

Image
image/gif

185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 14:58:22 GMT
X-Proxy-Origin: 178.162.209.129; 178.162.209.129; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b6dc1c11-5f2f-41e6-91bb-25cd03324f78
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 14:58:22 GMT
X-Proxy-Origin: 178.162.209.129; 178.162.209.129; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 43fc3b47-b295-4e72-9ff0-3a8f6e81bec5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C8AC 0
239 B 41ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5141210820957929669&
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C8AC
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210820957929669&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=

42 B
942 B

38ms
35ms

Image
image/gif

52.51.78.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-78-176.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v035-063a29b33.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /4fkDb+qQHI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v035-0fd79b494.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: O6HsT+WQQ2Y=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame C8AC
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0

0
344 B

49ms
8ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame C8AC 45 B
616 B 87ms
47ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210820957929669

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
server: Apache
date: Wed, 29 Jun 2022 14:58:22 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame C8AC 0
105 B 68ms
9ms Image
text/plain 3.65.187.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.187.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-187-215.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame C8AC
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210820957929669&referrer=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3dc72d9-49c3-470f-af3d-7885b0879638...
https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82

0
9 B

51ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame C8AC 43 B
109 B 344ms
137ms Image
image/gif 34.204.34.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5141210820957929669
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-34-148.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:23 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame C8AC
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1

43 B
944 B

57ms
42ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 722f851ced7e9b1c-FRA
pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNuh91hSwMnqgsOcVppRv6gc61ezZrB%2FrsvN%2F3VZenSPI1a1U1s4z8rMS%2BGfMoEGEJHbOxE5pdUuaOmbE4ElTbrg%2Fa6HEhbg92EOjJsko6YaR45FV8XlLiw2Skz001VVRkJuNKNxiEmCHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsgaaVQiWPXOHyLCrRnPcTYskPvBdJ8wXJ%2FMFaDu6LkrHWqBuubJOAP%2F4ANeESnpVZpW1Fi19Myb%2B27T%2BSYEoa%2FjkuBzf6FlUS99ahdxHSlD%2F2PeBwSRqz5DP8MyJfWVTyIX69daX2oPwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
cache-control: no-cache
cf-ray: 722f851c2c429119-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame C8AC 0
98 B 70ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210820957929669
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame C8AC 43 B
191 B 601ms
154ms Image
image/gif 104.90.192.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210820957929669

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-192-27.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:23 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 29 Jun 2022 14:58:23 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame C8AC
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406

43 B
549 B

24ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 120
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 29 Jun 2022 14:58:22 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 33
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame C8AC 43 B
183 B 320ms
99ms Image
image/gif 2600:1f18:612b:4264:95d7:83c7:b563:cce1
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5141210820957929669&r=UQn4tUeNfoYk
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:95d7:83c7:b563:cce1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:23 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame C8AC 43 B
377 B 129ms
32ms Image
image/gif 54.76.93.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210820957929669
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.93.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-93-140.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:22 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame C8AC 0
338 B 106ms
32ms Image
text/plain 34.253.150.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210820957929669
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.150.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-150-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1656514702
x-served-by: beacon-n015-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame C8AC
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210820957929669&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30

43 B
510 B

109ms
109ms

Image
image/gif

35.211.178.172

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
Protocol: HTTP/1.1
Server: 35.211.178.172 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
Date: Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame C8AC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YrxojgAMcC1ZTgAj
https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj

42 B
1 KB

17ms
17ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 29 Jun 2022 14:58:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1656514703.049480,VS0,VE0
x-served-by: cache-fra19144-FRA
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame CD53 4 KB
2 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 14:58:22 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame CD53 0
9 B 15ms
14ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?GUGhDg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 11.1.455.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ Frame 03EF 86 KB
28 KB 20ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 24 Jun 2022 04:57:06 GMT
server: cloudflare
age: 10881
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 722f851cea7a9be8-FRA
content-length: 28087

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/103/ Frame CD53 52 KB
15 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/103/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 10:15:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16967
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15123
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:04:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 30 Jun 2022 10:15:35 GMT

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0031/ Frame 03EF 860 B
422 B 188ms
186ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0031/0056.json?t=460142
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 346fa7cd7e18e5149bd8305eeeab929b467de87e477f67e68e16aac3cb94f5b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 14:58:23 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 722f851d2832914a-FRA
ce-version: 11.1.455
content-length: 312
last-modified: Wed, 29 Jun 2022 14:58:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD53 98 B
142 B 25ms
24ms XHR
application/json+protobuf 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af8afee61af15164021120f92b0320516a7c472925d55c3c5f2401e24f5b15ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Jun 2022 14:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 22ms
21ms Preflight
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 14:58:22 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ Frame 03EF 19 B
419 B 40ms
10ms XHR
binary/octet-stream 13.224.189.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-115.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 10:11:21 GMT
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 7015623
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: iykS_6dSnMzVgNkqOxUGUxMK8Rdf5a_pURG1V-k5u6q48QM-bwowBQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ Frame 03EF 19 B
418 B 47ms
8ms XHR
binary/octet-stream 99.86.4.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-55.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 02 Jun 2022 00:59:39 GMT
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2383124
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: Ihplj--59vEPrpoNMf2PiK4oekndLRW7pw_y4wQ5RGDNdEcwNbhDYQ==

GET
BLOB 200
OK 58c59a35-eb72-4c79-9c5b-2d172e9e02ac
https://www.avera.org/ Frame 03EF 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/58c59a35-eb72-4c79-9c5b-2d172e9e02ac
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame 03EF 29 B
136 B 152ms
70ms XHR
text/plain 34.250.171.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1656514703167
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.171.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-171-64.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: fa3161fecf78e06b0e690f590b5d6672360ffa85e9376b8f78c98710bb85969a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 29 Jun 2022 14:58:23 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
BLOB 200
OK e5c2b8eb-3ecf-4dc5-bd6a-54b1a51fe8cb
https://www.avera.org/ Frame 03EF 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/e5c2b8eb-3ecf-4dc5-bd6a-54b1a51fe8cb
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e4e1930fcdb6fa4259027bb2e66913c9cce2bf0998c9a7b58b76b8259bb1e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4

Domain: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avera.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: diyyo1j4pnll4w0vllzyhjer
www.avera.org/	1970-01-20 12:54:10	Name: mobileview Value: web
.bing.com/	1970-01-20 13:30:10	Name: MUID Value: 3304E4CB293D64B53902F51928EF6599
30531.tctm.co/	1969-12-31 23:59:59	Name: ct30531 Value: 62bc688e00007743165633cc
69057.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE589003797336CE4C220D28A5614DC7EEC747F692D0A0C2A750D9EEAE4C03879C28C5495E651A5552CEF5FE46587B6FE465
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 7BMvPeuvlzg
.youtube.com/	1970-01-20 08:27:46	Name: VISITOR_INFO1_LIVE Value: IGdr-m1GmRE
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwMrA0Nbc0sjQzsxTiM9Qt90kOcizQzXHPNvADAH-aKvYlAAAA
.rfihub.com/	1970-01-20 13:30:10	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwMrA0Nbc0sjQzsxTiM9Qt90kOcizQzXHPNvADAH-aKvYlAAAA
.casalemedia.com/	1970-01-20 12:54:10	Name: CMID Value: YrxojiocrhlcukhT-WS9kQAA
.casalemedia.com/	1970-01-20 06:18:10	Name: CMPS Value: 5206
.casalemedia.com/	1970-01-20 06:18:10	Name: CMPRO Value: 5206
.adnxs.com/	1970-01-20 06:18:10	Name: uuid2 Value: 598789983592342966
.doubleclick.net/	1970-01-20 13:30:10	Name: IDE Value: AHWqTUkF38LJNJVoGRDvwQsR8ypYN0Bg0JE6NokSVQ_Oi1xnql9PSlMFrql5zsJYAl0
.media.net/	1970-01-20 12:54:10	Name: visitor-id Value: 2995163021491310000V10
.media.net/	1970-01-20 12:52:44	Name: data-rk Value: 5141210820957929669~~3
.demdex.net/	1970-01-20 08:27:46	Name: demdex Value: 01232164074525332933612942799980085529
.adnxs.com/	1970-01-20 06:18:10	Name: anj Value: dTM7k!M4/YErk#WF']wIg2C$MiKwgB!]tbPl1MNu::wpAk`W=ii+fWPdX=SDjH2Osieku8XcYra[KI4Y!AXTO:4=sB!%^/O@we7$
.spotxchange.com/	1970-01-20 12:54:14	Name: audience Value: ebcf6389-f7bb-11ec-acb9-14c817940406
.dpm.demdex.net/	1970-01-20 08:27:46	Name: dpm Value: 01232164074525332933612942799980085529
.eyeota.net/	1970-01-20 04:08:35	Name: SERVERID Value: 22683~DM
.rezync.com/	1970-01-20 08:27:21	Name: zync-uuid Value: a3dc72d9-49c3-470f-af3d-7885b0879638:1656514702.82
live.rezync.com/	1970-01-20 08:27:46	Name: sd-session-id Value: .eJwVysEKgjAYAOBXif_cYVtqTegSKxDaL4IgdpGyEVNn4SbhxHfPjh98M1QfNZh7r3oHsRtGtYW606ssxDNY7Y1qIYaQBpRRcmCEh3vOeBRxWLZglbX63Vf6-d-bxzrLHNvS19NNtA5F18iJEPQncy0uRrLMoX8FWCTfVNQhNjJImzPDvKQyz3ZSJGMqkiMsyw_AvTCL.FZ36Dg.89N4EWxYIw8oH1xdTgPD_CfEFGg
.casalemedia.com/	1970-01-20 06:18:10	Name: CMTS Value: 1132
.krxd.net/	1970-01-20 08:27:46	Name: _kuid_ Value: O7WskO9q
.everesttech.net/	1970-01-20 12:54:10	Name: everest_g_v2 Value: g_surferid~YrxojgAMcC1ZTgAj
.rfihub.com/	1970-01-20 13:30:10	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmpmamhibmBkYmm2Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zCcBGrQGRRRX5WuqNvsrNhVEi6Y9YqVoQSYwMz002saFZwo3kJjT9J2CjROCXZ3CjFUtfEMtlYFyieppuYZpyia25hYZpkYGFuaWZsYYXQpGdhNEsYyRBLY4NFwqiGPkLjAwBzZWQeiAEAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAFvFKBBZVJGfle7om-xsGBWS7pjVxGKUaJySbG6UYqlrYplsrGtibpCmm5hmnKJrbmFhmmRgYW5pZmxhZWhmamZqCJQ00rMwAgD80rgESAAAAA
.avera.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.avera.org/	1969-12-31 23:59:59	Name: cebsp Value: 1
.avera.org/	1970-01-20 12:54:10	Name: _ce.s Value: v~6871a714c04a006c79f212ab106e2fa2bab587ef~vpv~0~v11.rlc~1656514703323

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/jquery-1.11.1.min.js.download Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/favicons Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210820957929669 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *.translate.goog
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
69057.global.siteimproveanalytics.io
a.rfihub.com
aa.agkn.com
ajax.googleapis.com
assets-tracking.crazyegg.com
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.teads.tv
code.jquery.com
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
jnn-pa.googleapis.com
live.rezync.com
maxcdn.bootstrapcdn.com
p.rfihub.com
p.teads.tv
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pixel.rubiconproject.com
play.google.com
ps.eyeota.net
script.crazyegg.com
siteimproveanalytics.com
solutions.invocacdn.com
stackpath.bootstrapcdn.com
static.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.teads.tv
t1.gstatic.com
tracking.crazyegg.com
translate.google.com
translate.googleapis.com
u27352119.ct.sendgrid.net
www.avera.org
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.pngitem.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
www.youtube.com
104.18.19.126
104.89.28.165
104.90.192.27
13.224.189.115
13.224.189.35
13.225.78.123
142.250.185.66
151.101.66.49
167.89.118.35
172.217.18.2
173.208.219.12
185.33.221.14
185.94.180.125
193.0.160.129
2.18.235.93
2001:4de0:ac18::1:a:1a
2600:1f18:612b:4264:95d7:83c7:b563:cce1
2600:9000:21f3:7c00:1:76cf:fe80:93a1
2600:9000:21f3:800:12:de4a:40:93a1
2606:4700::6811:180e
2606:4700::6812:76b
2606:4700::6812:acf
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2016
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a06:98c1:3120::3
3.127.178.105
3.65.187.215
3.74.77.177
34.204.34.148
34.250.171.64
34.253.150.146
35.211.178.172
35.244.174.68
52.162.218.125
52.51.78.176
54.76.93.140
69.173.144.165
99.86.4.55
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
0217441ee1280cf8b94315b6410c28f97dac9d4e80985c5d1528de90c0745187
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e4e1930fcdb6fa4259027bb2e66913c9cce2bf0998c9a7b58b76b8259bb1e6c
0f2b55267e19c1138152ab60d3ea4bc0f56277ac2b60d7c35caf88b8648fa38a
0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
15eae2666ea93ea9efacf3498c02bcf8c3b615d22f1653d31504a726a73ca3b3
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
186229667fb519d86383ff429d1582e42121110ca5836aa9d2524cdfffa35934
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f388d46554174951340c9c65a87cf902c82ec409bb572113add1e6c5b67f149
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
2815abcc1ebbaef289b2c054f6e9c342781a29fed7606f0a756f51e11e06a205
29f6bed3647112061811f999ca81614c27688f8f01bdba3d7287a9c8836a67ef
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
3218dc61f50c1f2dfb0d475b05d2645149c4dea7d416bff22c8af6a975503361
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26
34213b385cae7b707f5728b6e2a2a8226e45723ea56aa0496c3b34e5582dc439
346fa7cd7e18e5149bd8305eeeab929b467de87e477f67e68e16aac3cb94f5b9
3605c1411f79957f27d1dae87686ce0c6cc0f887cbf5c08c4208d329db7403d6
38a2e967771266d9d1906db3586b9fecb915af15f2b6c472ac6f7f92661a7e14
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2
448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5
468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d80d61b07064b516b4a794ec7fc0ed401aa1ff0afa689017cdc55e6b85ff6d9
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e8f5dd6a9303272e072a91dca59a98045daf7df832aaf76e2104899f7f24a6e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50e3ddb1150ec53e199960f53c985fd366459cd235e3493f8220ad5eea1bc8ca
51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
564d2d9cb1733785392951d9805f002539677fc01730f7a5bc51fa8c6cc4d542
567e696f9b3ede076143a8f5931e4b5951ef0d4404456addbfdaf416ec02746e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5
6553190991765f48d49b0ebb1e6aca187e6e73a9fdcca36d469cf2959fde3ed3
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
6b96eea12a95503b938e26be81037a78006b1ffe000ec6c2aa69a026caab7b79
6c29508e47b449f9003988bf14aa818b0ae6bb835f71684ed1e1dd3d9cb3ae1d
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
7cca7f579302e4c17877cd5c652d7fe8b139853077f182dcbae1ef917911ff94
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67
81a8a5fa403010e18fcfd0d01a5209c195c3793caa948afe645c7f3aebbd73f1
81bae4acb15f38092d128a317dcb99da47f27a83eebeb5a9e6e4f8364afe9877
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39
8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
95a003b9b3ad227ee54a136875f3a4e7a9be2123d8d1b8cbe71f64cafc989c19
9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99294fad3e114681d7504cad26b5d425bf7bb98c82bb4abce603e145ba2e3e17
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
9a02cca8bf04f3f52aeb08f142a1e18e10cb0f5d65c184f8cf9800399c2b4c44
9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6a58f48b5e3335c415ae481226ebc52a48098d3cd9cec7a65ec654584165140
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
af8afee61af15164021120f92b0320516a7c472925d55c3c5f2401e24f5b15ed
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d2352b99cafa21c1b9154bdc16a52dfde107822627759316eceae124ad830f
b238bb6f61a09ba478c37daad75f8e01f21c0a8666183a3a771093cb0c75e003
b3d33f918be446899524f68104ed45a66e89ac2e342e60b285fb81106b970eb3
b40c01e08b557027b0a8bdef7b5eb4987159fc993f619fd2d476548fdedb389e
b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79
bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c74f0894ecff00c8d7de8177b63bc6a12326738c0e3d2f55367da3b69ffca4d6
c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
cfdeb7581f3fd1c3939c601fddbdff2dd2dd390ae39b29dc1f5239b412699fcc
d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75
d96a1eaf45053f482af9839786a143baf958b5351593921477009d8b460cac20
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ceb2f34b12b7d49fd0e1f4976ae1d9afd8c3434e773fa0dd22952b75a06d2d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0100a76311bfe891d95a47a600573d31b0f29f9e807abe1c73cfbd7a8616b55
f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d
f168283e82e4fd2fa8adcf4081f0fb941f18eddfbbbd8f79acbad95d08a891c0
f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c15be80ca89a8b5cb49082e802a4acfd48f287903244775b758774f43f82dd
f5f7b369cfa7395e7b156e5860c348f0a65764ff9571652cb004340c3b92b180
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
fa3161fecf78e06b0e690f590b5d6672360ffa85e9376b8f78c98710bb85969a
fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e

5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog Open in urlscan Pro 2a00:1450:4001:806::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

87 %HTTPS

50 %IPv6

46 Domains

63 Subdomains

53 IPs

5 Countries

3391 kBTransfer

8549 kBSize

31 Cookies

0 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog Open in urlscan Pro
2a00:1450:4001:806::2001 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

87 %
HTTPS

50 %
IPv6

46
Domains

63
Subdomains

53
IPs

5
Countries

3391 kB
Transfer

8549 kB
Size

31
Cookies

162 HTTP transactions
3 data transactions