5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog Open in urlscan Pro
2a00:1450:4001:806::2001  Public Scan

Submitted URL: https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrX...
Effective URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Submission: On June 29 via manual from US — Scanned from DE

Summary

This website contacted 53 IPs in 5 countries across 46 domains to perform 162 HTTP transactions. The main IP is 2a00:1450:4001:806::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog.
TLS certificate: Issued by GTS CA 1C3 on June 6th 2022. Valid for: 3 months.
This is the only time 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
1 173.208.219.12 32097 (WII)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 55 52.162.218.125 8075 (MICROSOFT...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.185.66 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
3 104.89.28.165 16625 (AKAMAI-AS)
1 3.74.77.177 16509 (AMAZON-02)
2 13.224.189.35 16509 (AMAZON-02)
2 5 193.0.160.129 54312 (ROCKETFUEL)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 172.217.18.2 15169 (GOOGLE)
1 2 185.33.221.14 29990 (ASN-APPNEX)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 52.51.78.176 16509 (AMAZON-02)
1 3.127.178.105 16509 (AMAZON-02)
1 2.18.235.93 16625 (AKAMAI-AS)
1 3.65.187.215 16509 (AMAZON-02)
1 1 13.225.78.123 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
1 34.204.34.148 14618 (AMAZON-AES)
1 2 104.18.19.126 13335 (CLOUDFLAR...)
1 104.90.192.27 16625 (AKAMAI-AS)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 54.76.93.140 16509 (AMAZON-02)
1 34.253.150.146 16509 (AMAZON-02)
1 2 35.211.178.172 ()
2 2 151.101.66.49 54113 (FASTLY)
1 13.224.189.115 16509 (AMAZON-02)
1 99.86.4.55 16509 (AMAZON-02)
1 34.250.171.64 16509 (AMAZON-02)
162 53
Apex Domain
Subdomains
Transfer
55 avera.org
www.avera.org — Cisco Umbrella Rank: 241277
1 MB
22 gstatic.com
www.gstatic.com
fonts.gstatic.com
t1.gstatic.com
554 KB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107 Failed
800 KB
10 google.com
translate.google.com — Cisco Umbrella Rank: 1433
play.google.com — Cisco Umbrella Rank: 46
www.google.com — Cisco Umbrella Rank: 8
124 KB
10 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 307
translate.googleapis.com — Cisco Umbrella Rank: 1212
fonts.googleapis.com — Cisco Umbrella Rank: 71
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
142 KB
7 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1888
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 3560
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 3482
tracking.crazyegg.com — Cisco Umbrella Rank: 3393
34 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
3 KB
5 rfihub.com
20770730p.rfihub.com — Cisco Umbrella Rank: 640161
a.rfihub.com — Cisco Umbrella Rank: 3055
p.rfihub.com — Cisco Umbrella Rank: 775
7 KB
3 teads.tv
p.teads.tv — Cisco Umbrella Rank: 6409
cm.teads.tv — Cisco Umbrella Rank: 6765
t.teads.tv — Cisco Umbrella Rank: 2210
7 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 362
12 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
202 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
607 B
2 bidswitch.net
x.bidswitch.net
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
1 KB
2 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 321
107 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 192
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
2 KB
2 invocacdn.com
solutions.invocacdn.com — Cisco Umbrella Rank: 6279
41 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 741
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211
29 KB
2 nftstorage.link
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 457
338 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 445
377 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 888
183 B
1 addthis.com
x.dlx.addthis.com — Cisco Umbrella Rank: 1141
191 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1822
109 B
1 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1762
790 B
1 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1051
105 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 529
616 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 976
344 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
239 B
1 google.de
www.google.de — Cisco Umbrella Rank: 5448
548 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
37 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 257
3 KB
1 siteimproveanalytics.io
69057.global.siteimproveanalytics.io — Cisco Umbrella Rank: 610077
620 B
1 rfihub.net
c1.rfihub.net — Cisco Umbrella Rank: 5238
6 KB
1 tctm.co
30531.tctm.co — Cisco Umbrella Rank: 568174
17 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
15 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1355
40 KB
1 siteimproveanalytics.com
siteimproveanalytics.com — Cisco Umbrella Rank: 3798
6 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
24 KB
1 pngitem.com
www.pngitem.com — Cisco Umbrella Rank: 60606
55 KB
1 translate.goog
5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
6 KB
1 sendgrid.net
u27352119.ct.sendgrid.net
400 B
162 46
Domain Requested by
55 www.avera.org 6 redirects 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
www.avera.org
13 www.gstatic.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
www.gstatic.com
translate.google.com
translate.googleapis.com
www.youtube.com
10 www.youtube.com www.avera.org
www.googletagmanager.com
www.youtube.com
8 fonts.gstatic.com translate.google.com
fonts.googleapis.com
www.youtube.com
5 translate.google.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
www.gstatic.com
4 jnn-pa.googleapis.com www.youtube.com
4 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
4 translate.googleapis.com
3 p.rfihub.com 2 redirects www.avera.org
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.youtube.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
www.avera.org
3 www.googletagmanager.com www.avera.org
www.googletagmanager.com
3 www.google.com 1 redirects www.youtube.com
www.avera.org
2 sync-tm.everesttech.net 2 redirects
2 x.bidswitch.net 1 redirects
2 sync.search.spotxchange.com 1 redirects www.avera.org
2 dsum-sec.casalemedia.com 1 redirects www.avera.org
2 idsync.rlcdn.com www.avera.org
2 dpm.demdex.net 1 redirects www.avera.org
2 ib.adnxs.com 1 redirects www.avera.org
2 solutions.invocacdn.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
solutions.invocacdn.com
2 play.google.com www.gstatic.com
2 bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 beacon.krxd.net www.avera.org
1 aa.agkn.com www.avera.org
1 partners.tremorhub.com www.avera.org
1 x.dlx.addthis.com www.avera.org
1 bpi.rtactivate.com www.avera.org
1 live.rezync.com 1 redirects
1 bs.serving-sys.com www.avera.org
1 contextual.media.net www.avera.org
1 ps.eyeota.net www.avera.org
1 pixel.rubiconproject.com www.avera.org
1 a.rfihub.com www.avera.org
1 cm.g.doubleclick.net 1 redirects
1 www.google.de www.avera.org
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 t.teads.tv www.avera.org
1 cm.teads.tv p.teads.tv
1 20770730p.rfihub.com c1.rfihub.net
1 69057.global.siteimproveanalytics.io www.avera.org
1 p.teads.tv www.googletagmanager.com
1 c1.rfihub.net 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 30531.tctm.co www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 siteimproveanalytics.com www.avera.org
1 fonts.googleapis.com www.avera.org
1 t1.gstatic.com
1 stackpath.bootstrapcdn.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 ajax.googleapis.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 maxcdn.bootstrapcdn.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 cdnjs.cloudflare.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 code.jquery.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 www.pngitem.com 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
1 u27352119.ct.sendgrid.net 1 redirects
162 63

This site contains no links.

Subject Issuer Validity Valid
*.googleusercontent.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
nftstorage.link
Cloudflare Inc ECC CA-3
2022-04-13 -
2023-04-12
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
pngitem.com
R3
2022-05-06 -
2022-08-04
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.google.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.avera.org
DigiCert TLS RSA SHA256 2020 CA1
2021-12-14 -
2023-01-14
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
*.tctm.co
Amazon
2021-10-09 -
2022-11-06
a year crt.sh
*.rfihub.net
Amazon
2021-12-29 -
2023-01-27
a year crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
*.global.r1.siteimproveanalytics.io
Amazon
2022-04-27 -
2023-05-26
a year crt.sh
invocacdn.com
Amazon
2021-11-24 -
2022-12-22
a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA
2022-05-24 -
2023-05-24
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
www.google.de
GTS CA 1C3
2022-06-06 -
2022-08-29
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA
2022-02-20 -
2023-02-22
a year crt.sh
bs.serving-sys.com
Amazon
2022-04-10 -
2023-05-09
a year crt.sh
rtactivate.com
Amazon
2022-04-13 -
2023-05-12
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2022-02-26 -
2023-03-01
a year crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
crazyegg.com
Amazon
2022-06-27 -
2023-07-26
a year crt.sh
*.crazyegg.com
DigiCert SHA2 Secure Server CA
2020-07-26 -
2022-07-23
2 years crt.sh

This page contains 6 frames:

Primary Page: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Frame ID: 2A62F4FBD86A169427D3F5EC350CB167
Requests: 24 HTTP requests in this frame

Frame: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Frame ID: 059E14F7E8944E7709EFD9A2E220A282
Requests: 14 HTTP requests in this frame

Frame: https://www.avera.org/
Frame ID: 03EFD396655F97B2F645349A4DFA1B97
Requests: 85 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4
Frame ID: 8BBA720D2EDE13D5DDE942A63F32DCF7
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Frame ID: CD539D75BE571698751E20E5505C8464
Requests: 20 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&ra=7783090647930757
Frame ID: C8ACC6BB239BB18FC2A8CE8A43BEE1C1
Requests: 19 HTTP requests in this frame

Screenshot

Page Title

Webmail Portal Login - avera.org

Page URL History Show full URLs

  1. https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXh... HTTP 302
    https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_p... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

162
Requests

87 %
HTTPS

50 %
IPv6

46
Domains

63
Subdomains

53
IPs

5
Countries

3391 kB
Transfer

8549 kB
Size

31
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrXdWWTtQJtar7d5f45LKMUDkQsF-2FhCOZ1yqNe3s6XzNjygGMsgA5GocRr6RXqtxW4PVFk-2Fpd4dvCNbIBWK4BuFppc8wj6wYdWWkKWGexqKkSDY9kS1UfXnqeVFTSWVDo5tEXEx0GIw-2BcXzdvgg3OprL-2Fex9yzyifJMTqTht070mPU8wLCFudjCq9Ewbt-2FqqlFvl5ULc1g-3D-3DSv0r_W6Mci6KC7SLORUNnS9C6o4WgYeOPz8ITfV-2BeYUOJcPOwivBxTGzXtr3e9yK8u2b-2BbgWruc7fr3-2BSs9eT06U7ngV5PGhOw5-2Fcbled9wG65x08o3xc34b3cBUdr0g9uczeR4MXjf5UCrkHSO6otQD5vOjypjd4dL8ocCmbvkzLbb46vBn6mzVmLnJle4td6ZrE-2FhC-2BAtOY2esQnRyNZD8qVNgWsKqlUiI8CsvskjIPt-2B8-3D HTTP 302
    https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://www.google.com/s2/favicons?domain=avera.org HTTP 301
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
Request Chain 65
  • https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg?size=small HTTP 302
  • https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
Request Chain 66
  • https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg?size=small HTTP 302
  • https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small
Request Chain 67
  • https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg?size=small HTTP 302
  • https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
Request Chain 100
  • https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg HTTP 302
  • https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
Request Chain 101
  • https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg HTTP 302
  • https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg
Request Chain 102
  • https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg HTTP 302
  • https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
Request Chain 121
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMDk1NzkyOTY2OQ==&forward= HTTP 302
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
Request Chain 135
  • https://ib.adnxs.com/setuid?entity=18&code=5141210820957929669 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669
Request Chain 137
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210820957929669&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=
Request Chain 138
  • https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
  • https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
Request Chain 141
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210820957929669&referrer=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3dc72d9-49c3-470f-af3d-7885b0879638%253A1656514702.82 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Request Chain 143
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
Request Chain 146
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
Request Chain 150
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210820957929669&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
Request Chain 151
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YrxojgAMcC1ZTgAj HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj

162 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Redirect Chain
  • https://u27352119.ct.sendgrid.net/ls/click?upn=wmyrTikp4cU6UIreToLK5apa3UVWzls5i-2FnivdzqxJDXieeYhuAfDPrkrYAXhWjT05v1DliJzvFZ-2FrXdWWTtQJtar7d5f45LKMUDkQsF-2FhCOZ1yqNe3s6XzNjygGMsgA5GocRr6RXqtxW4PV...
  • https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
15 KB
6 KB
Document
General
Full URL
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
567e696f9b3ede076143a8f5931e4b5951ef0d4404456addbfdaf416ec02746e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.translate.goog
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-security-policy
frame-ancestors *.translate.goog
content-type
text/html
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 29 Jun 2022 14:58:19 GMT
expires
Wed, 29 Jun 2022 14:58:19 GMT
last-modified
Wed, 29 Jun 2022 14:49:26 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
ESF
x-content-type-options
nosniff
x-robots-tag
none
x-xss-protection
0

Redirect headers

Connection
keep-alive
Content-Length
235
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Jun 2022 14:58:18 GMT
Location
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp#lisa.baumberger@avera.org
Server
nginx
X-Robots-Tag
noindex, nofollow
jquery-1.11.1.min.js.download
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/
0
0
Script
General
Full URL
https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/jquery-1.11.1.min.js.download
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

m=ajaxproxy
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/
70 KB
25 KB
Script
General
Full URL
https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=ajaxproxy
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
564d2d9cb1733785392951d9805f002539677fc01730f7a5bc51fa8c6cc4d542
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24486
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 03:20:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 20:14:48 GMT
m=navigationui
www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/
24 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=navigationui
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96a1eaf45053f482af9839786a143baf958b5351593921477009d8b460cac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9999
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 03:20:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 20:14:48 GMT
favicons
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/
0
0
Image
General
Full URL
https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/favicons
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:76b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
www.pngitem.com/pimgs/m/
55 KB
55 KB
Image
General
Full URL
https://www.pngitem.com/pimgs/m/26-269507_arbys-logo-transparent-norton-secured-logo-png-png.png
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.208.219.12 , United States, ASN32097 (WII, US),
Reverse DNS
salty.sheparddietimportance.us
Software
nginx/1.14.0 /
Resource Hash
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Last-Modified
Tue, 15 Oct 2019 13:09:45 GMT
Server
nginx/1.14.0
ETag
"5da5c519-db2d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
56109
jquery-3.2.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-10fdd"
vary
Accept-Encoding
x-hw
1656514699.dop101.fr8.t,1656514699.cds163.fr8.hn,1656514699.cds257.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
23856
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/
19 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1693467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6157
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-4af4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tpsXgyNw2ktBHfGSCzcBgBqDZDNX9qRd94Ja1EyU8PUmbdJxW5u8Whxw356jDpCtsRm2CaLZCSZBLnABfyjxrcykLdLl%2BWu5a96MOC2IXPtE0AwFbl7lfFEnef4%2BFhX2My5LA15aw6DqTzAgcy99fZ%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
722f85068de45c74-FRA
expires
Mon, 19 Jun 2023 14:58:19 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Origin
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
age
481
cdn-cachedat
03/10/2022 17:24:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
09a48bd996077374c61abe3df4d211bf
cf-ray
722f8506ccf99055-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1152
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 14:39:07 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
10455578
cdn-cachedat
11/15/2021 23:30:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:06 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a35b0179a28ed953258d0fb41376a09c
cf-ray
722f85077c88915f-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
element.js
translate.google.com/translate_a/
76 KB
27 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=gtElInit&hl=en-US&client=wt
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
50e3ddb1150ec53e199960f53c985fd366459cd235e3493f8220ad5eea1bc8ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/
91 KB
33 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=navigationui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0100a76311bfe891d95a47a600573d31b0f29f9e807abe1c73cfbd7a8616b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:15:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2559
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33171
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 21:24:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 15:05:40 GMT
websitetranslationui
translate.google.com/ Frame 059E
579 KB
83 KB
Document
General
Full URL
https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/translate_http/_/js/k=translate_http.tr.de.kjGY_8_Dwks.O/d=1/exm=ajaxproxy,el_conf/ed=1/rs=AN8SPfomODCjQyYHlyD5qYdmrfoF3X-kDQ/m=navigationui
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2815abcc1ebbaef289b2c054f6e9c342781a29fed7606f0a756f51e11e06a205
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog script-src 'report-sample' 'nonce-3mMzRkZgptAifGZvR12uPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
X-Xss-Protection 0

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
frame-ancestors https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog script-src 'report-sample' 'nonce-3mMzRkZgptAifGZvR12uPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 29 Jun 2022 14:58:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
ALLOW-FROM https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
x-ua-compatible
IE=edge
x-xss-protection
0
truncated
/
558 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
520 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:43:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
876
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 29 Jun 2022 15:43:43 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpI0y65WcxoTVDaXDL12huAmUnKBQ/
224 KB
76 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpI0y65WcxoTVDaXDL12huAmUnKBQ/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
164107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78029
x-xss-protection
0
last-modified
Sat, 25 Jun 2022 03:20:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 17:23:12 GMT
cspreport
translate.google.com/_/TranslateWebserverWebsiteTranslationUi/ Frame 059E
0
28 B
Other
General
Full URL
https://translate.google.com/_/TranslateWebserverWebsiteTranslationUi/cspreport
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W-rvA0Bv1I9mqT1QjfEZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="TranslateWebserverWebsiteTranslationUi"
x-frame-options
SAMEORIGIN
report-to
{"group":"TranslateWebserverWebsiteTranslationUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateWebserverWebsiteTranslationUi/external"}]}
content-type
text/html; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
script-src 'report-sample' 'nonce-W-rvA0Bv1I9mqT1QjfEZYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/TranslateWebserverWebsiteTranslationUi/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4c... Frame 059E
167 KB
58 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b40c01e08b557027b0a8bdef7b5eb4987159fc993f619fd2d476548fdedb389e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:00:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59809
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 22:26:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 19:00:53 GMT
googlelogo_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame 059E
2 KB
688 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_74x24px.svg
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 20:55:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
64987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
663
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 28 Jun 2023 20:55:12 GMT
24px.svg
fonts.gstatic.com/s/i/productlogos/translate/v6/ Frame 059E
6 KB
3 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v6/24px.svg
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:20:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3340
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 09:57:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 20:20:18 GMT
32px.svg
fonts.gstatic.com/s/i/productlogos/translate/v6/ Frame 059E
6 KB
4 KB
Image
General
Full URL
https://fonts.gstatic.com/s/i/productlogos/translate/v6/32px.svg
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99294fad3e114681d7504cad26b5d425bf7bb98c82bb4abce603e145ba2e3e17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:20:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3169
x-xss-protection
0
last-modified
Wed, 27 Jan 2021 09:57:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 20:20:29 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v9/ Frame 059E
31 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/productsans/v9/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.google.com/
Origin
https://translate.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:01:10 GMT
x-content-type-options
nosniff
age
79029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31568
x-xss-protection
0
last-modified
Mon, 15 Aug 2016 20:30:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:01:10 GMT
kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
fonts.gstatic.com/s/materialiconsextended/v139/ Frame 059E
158 KB
159 KB
Font
General
Full URL
https://fonts.gstatic.com/s/materialiconsextended/v139/kJEjBvgX7BgnkSrUwT8UnLVc38YydejYY-oE_LvJ.woff2
Requested by
Host: translate.google.com
URL: https://translate.google.com/websitetranslationui?parent=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog&pfu=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F%3F_x_tr_hp%3Dbafkreigasd7iihvg%26_x_tr_sl%3Dauto%26_x_tr_tl%3Den%26_x_tr_hl%3Den-US%26_x_tr_pto%3Dwapp&u=https%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F&sl=auto&tl=en&opu=https%3A%2F%2Ftranslate.google.com%2Fwebsite%3Fsl%3Dauto%26tl%3Den%26hl%3Den-US%26client%3Dwebapp%26u%3Dhttps%3A%2F%2Fbafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link%2F%26anno%3D2&hl=en-US&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6553190991765f48d49b0ebb1e6aca187e6e73a9fdcca36d469cf2959fde3ed3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://translate.google.com/
Origin
https://translate.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 20:03:37 GMT
x-content-type-options
nosniff
age
68082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162060
x-xss-protection
0
last-modified
Tue, 24 May 2022 18:28:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 20:03:37 GMT
m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,VWuaCc,CXs...
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E
240 KB
85 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,byfTOb,lsjVmc,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,pKzUve,O6y8ed,PrPYRd,MpJwZc,LEikZe,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,VWuaCc,CXsKQe,s39S4,lwddkf,gychg,w9hDv,RMhBfe,SdcwHb,aW3pY,P5Thrf,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,PQaYAf,JNoxi,BVgquf,lPKSwe,QIhFr,yDVVkb,hc6Ubd,KG2eXe,SpsfSb,MdUzUe,VwDzFe,zbML3c,A7fCU,Uas9Hd,pjICDe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c29508e47b449f9003988bf14aa818b0ae6bb835f71684ed1e1dd3d9cb3ae1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:00:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71841
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87186
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 19:00:58 GMT
gen204
translate.google.com/
0
24 B
Image
General
Full URL
https://translate.google.com/gen204?nca=te_li&client=wt_lib&logld=vTE_20220627
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5598pcV68_p2MVarHh0dYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
image/gif; charset=us-ascii
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-5598pcV68_p2MVarHh0dYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
846 B
870 B
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:16:07 GMT
x-content-type-options
nosniff
age
2532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 29 Jun 2023 14:16:07 GMT
m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,wg1P6b,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,tsNC9c,JWUKXe,soHxf,qNG0Fc,HwavCb,JzDP5e,qRXAtf,yRXbo,ywOR5c,thZ3rf,L2d1X,rFVO7,QM0Gm,W225x,cSdwA
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E
203 KB
60 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PQaYAf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VWuaCc,VwDzFe,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,blwjVc,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,lPKSwe,lsjVmc,lwddkf,n73qwf,pKzUve,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=sJhETb,i5dxUd,m9oV,JH2zc,bTi8wc,i5H9N,wg1P6b,RAnnUd,PHUIyb,VNcg1e,DFTXbf,t1sulf,uu7UOe,tsNC9c,JWUKXe,soHxf,qNG0Fc,HwavCb,JzDP5e,qRXAtf,yRXbo,ywOR5c,thZ3rf,L2d1X,rFVO7,QM0Gm,W225x,cSdwA
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b96eea12a95503b938e26be81037a78006b1ffe000ec6c2aa69a026caab7b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61228
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 19:00:29 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:39:30 GMT
x-content-type-options
nosniff
age
1129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 29 Jun 2023 14:39:30 GMT
t
translate.googleapis.com/translate_a/
434 B
312 B
XHR
General
Full URL
https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20220627&sl=auto&tl=en&tc=1&sr=1&tk=13979.472053&mode=1
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cca7f579302e4c17877cd5c652d7fe8b139853077f182dcbae1ef917911ff94
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-UgJSFoQkwsdHe8YPoeUT7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-UgJSFoQkwsdHe8YPoeUT7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E
1 KB
692 B
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,DFTXbf,EFQ78c,GkRiKb,HwavCb,IZT63,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PHUIyb,PQaYAf,PrPYRd,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VWuaCc,VwDzFe,W225x,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,blwjVc,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,lPKSwe,lsjVmc,lwddkf,m9oV,n73qwf,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,soHxf,t1sulf,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfdeb7581f3fd1c3939c601fddbdff2dd2dd390ae39b29dc1f5239b412699fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:01:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
666
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 19:01:30 GMT
gen204
translate.google.com/
0
25 B
Image
General
Full URL
https://translate.google.com/gen204?sl=auto&tl=en&textlen=30&ttt=107&ttl=122&sr=1&nca=te_time&client=wt_lib&logld=vTE_20220627
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-D-RLWs5AADE0OHACXqaIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:19 GMT
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="TranslateApiHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type
image/gif; charset=us-ascii
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-D-RLWs5AADE0OHACXqaIRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am... Frame 059E
6 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/ck=boq-translate.TranslateWebserverWebsiteTranslationUi.u00reiSkp5w.L.B1.O/am=FgAE/d=1/exm=A7fCU,BVgquf,COQbmf,CXsKQe,DFTXbf,EFQ78c,GkRiKb,HwavCb,IZT63,JH2zc,JNoxi,JWUKXe,JzDP5e,KG2eXe,KUM7Z,L1AAkb,L2d1X,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OmgaI,P5Thrf,PHUIyb,PQaYAf,PrPYRd,QIhFr,QM0Gm,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VNcg1e,VWuaCc,VwDzFe,W225x,XVMNvd,ZfAoz,ZwDk9d,_b,_r,_tp,aW3pY,aurFic,bTi8wc,blwjVc,bm51tf,byfTOb,cSdwA,e5qFLc,fKUV3e,gychg,hc6Ubd,i5H9N,i5dxUd,lPKSwe,lsjVmc,lwddkf,m9oV,n73qwf,pKzUve,pjICDe,pw70Gc,qNG0Fc,qRXAtf,rFVO7,s39S4,sJhETb,soHxf,t1sulf,thZ3rf,tsNC9c,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,yRXbo,ywOR5c,zbML3c/excm=_b,_r,_tp,iframenavigationview/ed=1/wt=2/rs=ANkVxDkxScNOtPuewpzn5_5TBjrqe9I-kg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;oGtAuc:sOXFj;eBAeSb:zbML3c;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
186229667fb519d86383ff429d1582e42121110ca5836aa9d2524cdfffa35934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71808
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/translate-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2811
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/translate-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/translate-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/translate-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 19:01:31 GMT
log
play.google.com/ Frame 059E
131 B
675 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://translate.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 29 Jun 2022 14:58:20 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://translate.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 29 Jun 2022 14:58:20 GMT
/
www.avera.org/ Frame 03EF
44 KB
16 KB
Document
General
Full URL
https://www.avera.org/
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
15eae2666ea93ea9efacf3498c02bcf8c3b615d22f1653d31504a726a73ca3b3

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
15653
Content-Type
text/html; charset=utf-8
Date
Wed, 29 Jun 2022 14:58:20 GMT
Server
Microsoft-IIS/8.5
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-UA-Compatible
IE=Edge,chrome=1
faviconV2
t1.gstatic.com/
Redirect Chain
  • https://www.google.com/s2/favicons?domain=avera.org
  • https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
792 B
1 KB
Image
General
Full URL
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
Protocol
H2
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:20 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
792
x-xss-protection
0
last-modified
Wed, 29 Nov 2017 12:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="media-favicon"
report-to
{"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-location
https://www.avera.org/favicon.ico
expires
Wed, 06 Jul 2022 14:58:20 GMT

Redirect headers

date
Wed, 29 Jun 2022 14:58:20 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
location
https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://avera.org&size=16
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Wed, 29 Jun 2022 15:28:20 GMT
t
translate.googleapis.com/translate_a/
20 B
75 B
XHR
General
Full URL
https://translate.googleapis.com/translate_a/t?anno=3&client=wt_lib&format=html&v=1.0&key&logld=vTE_20220627&sl=auto&tl=en&tc=1&dom=1&sr=1&tk=574745.1032311&mode=1
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_US.e5jtDLYWMls.O/d=1/rs=AN8SPfocMrGlbDKi4pCPlDT4Pjp1-gd5ww/m=el_conf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f168283e82e4fd2fa8adcf4081f0fb941f18eddfbbbd8f79acbad95d08a891c0
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-qmFM23fMKQm-6L9fsD9CIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 29 Jun 2022 14:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="TranslateApiHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"TranslateApiHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/TranslateApiHttp/external"}]}
content-type
application/json; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy
require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'report-sample' 'nonce-qmFM23fMKQm-6L9fsD9CIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
expires
Mon, 01 Jan 1990 00:00:00 GMT
log
play.google.com/ Frame 059E
131 B
155 B
XHR
General
Full URL
https://play.google.com/log?format=json&hasfast=true
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-translate/_/js/k=boq-translate.TranslateWebserverWebsiteTranslationUi.en_US.SN9_AqwpHdQ.es5.O/am=FgAE/d=1/excm=_b,_r,_tp,iframenavigationview/ed=1/dg=0/wt=2/rs=ANkVxDk5x4cEyOmwyAJmkyjO-GmwrR9-yg/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://translate.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 29 Jun 2022 14:58:20 GMT
content-encoding
gzip
server
Playlog
access-control-allow-headers
X-Playlog-Web
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin
https://translate.google.com
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131
x-xss-protection
0
expires
Wed, 29 Jun 2022 14:58:20 GMT
default.css
www.avera.org/css-min/ Frame 03EF
24 KB
8 KB
Stylesheet
General
Full URL
https://www.avera.org/css-min/default.css
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 17:07:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80251be6ec87d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
7937
X-UA-Compatible
IE=Edge,chrome=1
client.css
www.avera.org/css-min/ Frame 03EF
87 KB
26 KB
Stylesheet
General
Full URL
https://www.avera.org/css-min/client.css
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 17:07:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80251be6ec87d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
26216
X-UA-Compatible
IE=Edge,chrome=1
avera.css
www.avera.org/css-min/ Frame 03EF
294 KB
72 KB
Stylesheet
General
Full URL
https://www.avera.org/css-min/avera.css
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 17:07:35 GMT
Server
Microsoft-IIS/8.5
ETag
"80251be6ec87d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
72982
X-UA-Compatible
IE=Edge,chrome=1
home.css
www.avera.org/css-min/templates/ Frame 03EF
5 KB
3 KB
Stylesheet
General
Full URL
https://www.avera.org/css-min/templates/home.css
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 17:07:44 GMT
Server
Microsoft-IIS/8.5
ETag
"725ee5ebec87d81:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2160
X-UA-Compatible
IE=Edge,chrome=1
jquery-1.11.3.min.js
www.avera.org/scripts/ Frame 03EF
93 KB
47 KB
Script
General
Full URL
https://www.avera.org/scripts/jquery-1.11.3.min.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 16:24:00 GMT
Server
Microsoft-IIS/8.5
ETag
"0d071cfe687d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
47758
X-UA-Compatible
IE=Edge,chrome=1
jquery-migrate-1.2.1.min.js
www.avera.org/scripts/ Frame 03EF
7 KB
5 KB
Script
General
Full URL
https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 21:00:36 GMT
Server
Microsoft-IIS/8.5
ETag
"0b230558c61d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
4079
X-UA-Compatible
IE=Edge,chrome=1
WebResource.axd
www.avera.org/ Frame 03EF
150 KB
67 KB
Script
General
Full URL
https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 21:00:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
text/javascript
Expires
Thu, 29 Jun 2023 13:00:12 GMT
Cache-Control
public
Content-Length
68352
X-UA-Compatible
IE=Edge,chrome=1
WebResource.axd
www.avera.org/ Frame 03EF
14 KB
4 KB
Script
General
Full URL
https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637874496180000000
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 21:00:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
text/javascript
Expires
Thu, 29 Jun 2023 14:00:32 GMT
Cache-Control
public
Content-Length
3308
X-UA-Compatible
IE=Edge,chrome=1
css2
fonts.googleapis.com/ Frame 03EF
26 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 14:44:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 29 Jun 2022 14:58:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Jun 2022 14:58:21 GMT
js
www.googletagmanager.com/gtag/ Frame 03EF
101 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9663759
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95a003b9b3ad227ee54a136875f3a4e7a9be2123d8d1b8cbe71f64cafc989c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39947
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Jun 2022 14:58:22 GMT
avera-logo.png
www.avera.org/imgs/ Frame 03EF
8 KB
8 KB
Image
General
Full URL
https://www.avera.org/imgs/avera-logo.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
7774
X-UA-Compatible
IE=Edge,chrome=1
avera-logo-rev-white.png
www.avera.org/imgs/ Frame 03EF
6 KB
6 KB
Image
General
Full URL
https://www.avera.org/imgs/avera-logo-rev-white.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
6225
X-UA-Compatible
IE=Edge,chrome=1
avera-chart.png
www.avera.org/imgs/ Frame 03EF
6 KB
7 KB
Image
General
Full URL
https://www.avera.org/imgs/avera-chart.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
6373
X-UA-Compatible
IE=Edge,chrome=1
search-icon2x.png
www.avera.org/imgs/icons/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/search-icon2x.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2084
X-UA-Compatible
IE=Edge,chrome=1
WebResource.axd
www.avera.org/ Frame 03EF
23 KB
7 KB
Script
General
Full URL
https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637814437746327080
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Feb 2022 09:42:54 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
application/x-javascript
Expires
Thu, 29 Jun 2023 13:00:22 GMT
Cache-Control
public
Content-Length
6768
X-UA-Compatible
IE=Edge,chrome=1
client.js
www.avera.org/scripts/ Frame 03EF
42 KB
16 KB
Script
General
Full URL
https://www.avera.org/scripts/client.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
3218dc61f50c1f2dfb0d475b05d2645149c4dea7d416bff22c8af6a975503361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 16:24:00 GMT
Server
Microsoft-IIS/8.5
ETag
"0d071cfe687d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
16381
X-UA-Compatible
IE=Edge,chrome=1
WebResource.axd
www.avera.org/ Frame 03EF
4 KB
1 KB
Script
General
Full URL
https://www.avera.org/WebResource.axd?d=xOX35DcLGnQUQWyGiY1yPWRICwmw97Rz5mvhBxjeimDlkJbQ6UPJ10mO-dBfvKY9WSY3c6Dxgi_lUKjJpgWIr7yYJFjWU7QMv_O1ThF5DA7oUI65MlcUmSo1v7IrDc2G5kkx361X74lvmaeT3M2pqPl-pYNYZ_Ld0skuvebBwR-L_QX7kzOYJGwXzf0IRQTrHfWqi4lYXsuAENE1yS7plQ2&t=637874496180000000
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 06 May 2022 21:00:18 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
text/javascript
Expires
Thu, 29 Jun 2023 12:43:31 GMT
Cache-Control
public
Content-Length
1137
X-UA-Compatible
IE=Edge,chrome=1
ScriptResource.axd
www.avera.org/ Frame 03EF
100 KB
36 KB
Script
General
Full URL
https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=49337fe8
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jun 2022 14:00:33 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
application/x-javascript
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
37031
Expires
Thu, 29 Jun 2023 14:00:33 GMT
ScriptResource.axd
www.avera.org/ Frame 03EF
39 KB
14 KB
Script
General
Full URL
https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=49337fe8
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jun 2022 12:43:31 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
application/x-javascript
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
Content-Length
14430
Expires
Thu, 29 Jun 2023 12:43:31 GMT
Homepage-.jpg
www.avera.org/app/files/public/72701/ Frame 03EF
119 KB
119 KB
Image
General
Full URL
https://www.avera.org/app/files/public/72701/Homepage-.jpg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Wed, 05 Jan 2022 16:07:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="Homepage-.jpg"
Content-Length
121740
Expires
Wed, 29 Jun 2022 15:03:22 GMT
covid-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
9 KB
9 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/covid-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
8848
X-UA-Compatible
IE=Edge,chrome=1
billpay-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
5 KB
5 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/billpay-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
4772
X-UA-Compatible
IE=Edge,chrome=1
records-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
1 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/records-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
1525
X-UA-Compatible
IE=Edge,chrome=1
greeting-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/greeting-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2163
X-UA-Compatible
IE=Edge,chrome=1
prayer-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
2 KB
3 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/prayer-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2418
X-UA-Compatible
IE=Edge,chrome=1
donate-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/donate-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2215
X-UA-Compatible
IE=Edge,chrome=1
employment-icon.svg
www.avera.org/imgs/icons/ Frame 03EF
4 KB
4 KB
Image
General
Full URL
https://www.avera.org/imgs/icons/employment-icon.svg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:04 GMT
Server
Microsoft-IIS/8.5
ETag
"0e410aee687d81:0"
Content-Type
image/svg+xml
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
4050
X-UA-Compatible
IE=Edge,chrome=1
feeding-south-dakota-food-truck-volunteers.jpg
www.avera.org/app/files/public/82919/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg?size=small
  • https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9a02cca8bf04f3f52aeb08f142a1e18e10cb0f5d65c184f8cf9800399c2b4c44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Sun, 26 Jun 2022 18:04:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="feeding-south-dakota-food-truck-volunteers.jpg"
Content-Length
1559
Expires
Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg?size=small
Cache-Control
private
Content-Length
198
X-UA-Compatible
IE=Edge,chrome=1
family-and-healthcare-concept.jpg
www.avera.org/app/files/public/82918/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg?size=small
  • https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small
1 KB
2 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg?size=small
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
c74f0894ecff00c8d7de8177b63bc6a12326738c0e3d2f55367da3b69ffca4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Sun, 26 Jun 2022 14:57:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="family-and-healthcare-concept.jpg"
Content-Length
1331
Expires
Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/82918/family-and-healthcare-concept.jpg?size=small
Cache-Control
private
Content-Length
185
X-UA-Compatible
IE=Edge,chrome=1
medical-staff-discussion-at-nurses-station.jpg
www.avera.org/app/files/public/79135/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg?size=small
  • https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
1 KB
2 KB
Image
General
Full URL
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
29f6bed3647112061811f999ca81614c27688f8f01bdba3d7287a9c8836a67ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Sun, 27 Dec 2020 17:53:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="medical-staff-discussion-at-nurses-station.jpg"
Content-Length
1532
Expires
Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg?size=small
Cache-Control
private
Content-Length
198
X-UA-Compatible
IE=Edge,chrome=1
Behavioral-Health-Addition-Exterior-Photo-Medium.png
www.avera.org/app/files/public/82485/ Frame 03EF
383 KB
384 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82485/Behavioral-Health-Addition-Exterior-Photo-Medium.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Sun, 10 Apr 2022 14:33:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/png
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="Behavioral-Health-Addition-Exterior-Photo-Medium.png"
Content-Length
392454
Expires
Wed, 29 Jun 2022 15:03:22 GMT
movinghealthforward_tagline_72.png
www.avera.org/app/files/public/82030/ Frame 03EF
3 KB
4 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82030/movinghealthforward_tagline_72.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Sun, 09 Jan 2022 16:59:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/png
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="movinghealthforward_tagline_72.png"
Content-Length
3572
Expires
Wed, 29 Jun 2022 15:03:22 GMT
facebook-gray.png
www.avera.org/imgs/ahp/ Frame 03EF
797 B
1 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/facebook-gray.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
797
X-UA-Compatible
IE=Edge,chrome=1
twitter-gray.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/twitter-gray.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2116
X-UA-Compatible
IE=Edge,chrome=1
youtube-gray.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/youtube-gray.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
1569
X-UA-Compatible
IE=Edge,chrome=1
pinterest-gray.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
3 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/pinterest-gray.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2338
X-UA-Compatible
IE=Edge,chrome=1
linkedin-gray.png
www.avera.org/imgs/ahp/ Frame 03EF
1 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/linkedin-gray.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
1265
X-UA-Compatible
IE=Edge,chrome=1
avera-logo-reversed.png
www.avera.org/imgs/ Frame 03EF
5 KB
6 KB
Image
General
Full URL
https://www.avera.org/imgs/avera-logo-reversed.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
5571
X-UA-Compatible
IE=Edge,chrome=1
avera.js
www.avera.org/scripts/ Frame 03EF
94 KB
35 KB
Script
General
Full URL
https://www.avera.org/scripts/avera.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
81bae4acb15f38092d128a317dcb99da47f27a83eebeb5a9e6e4f8364afe9877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:20 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 16:24:00 GMT
Server
Microsoft-IIS/8.5
ETag
"0d071cfe687d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
35223
X-UA-Compatible
IE=Edge,chrome=1
gtm.js
www.googletagmanager.com/ Frame 03EF
369 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4e8f5dd6a9303272e072a91dca59a98045daf7df832aaf76e2104899f7f24a6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94303
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Jun 2022 14:58:22 GMT
siteanalyze_69057.js
siteimproveanalytics.com/js/ Frame 03EF
14 KB
6 KB
Script
General
Full URL
https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
703QY0VVV992ZS6A
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5127
x-amz-id-2
eNbL1kGOeSXpJ13jIfKHmHpgZlRW1wdJHJuP0TuO59N3XTPTWXR6Z/0zQbJk/cUrBHnHNLbYouM=
last-modified
Mon, 16 May 2022 09:44:16 GMT
server
cloudflare
etag
"0db568765387ecbf4ebab6b1396d61c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhoQJ6NNV8KPmyRU3K1GifFXVgl%2BP9QFJyHIm4Qaet44199ih5QYk8VJ%2FuiUc%2FqKzb4%2BoMimdm0W6tPdGsXK8Smz9Dcgbu%2BYQaodVS9Yw3WS6J3fEzRoF1SQh67mcGPF1EWug8e4SFsDp%2FRfwnVa8motlQgogWg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400, no-transform
accept-ranges
bytes
cf-ray
722f85179b7a91f6-FRA
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avera.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 16:39:45 GMT
x-content-type-options
nosniff
age
166717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 16:39:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avera.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
108760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:45:42 GMT
js
www.googletagmanager.com/gtag/ Frame 03EF
197 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6KMB13EQJ9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6a58f48b5e3335c415ae481226ebc52a48098d3cd9cec7a65ec654584165140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72015
x-xss-protection
0
expires
Wed, 29 Jun 2022 14:58:22 GMT
optimize.js
www.googleoptimize.com/ Frame 03EF
105 KB
40 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-MXB48L7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34213b385cae7b707f5728b6e2a2a8226e45723ea56aa0496c3b34e5582dc439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40905
x-xss-protection
0
expires
Wed, 29 Jun 2022 14:58:22 GMT
0056.js
script.crazyegg.com/pages/scripts/0031/ Frame 03EF
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c15be80ca89a8b5cb49082e802a4acfd48f287903244775b758774f43f82dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
722f8518d8f89be8-FRA
ce-version
11.1.455
content-length
2058
last-modified
Wed, 29 Jun 2022 14:58:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
conversion_async.js
www.googleadservices.com/pagead/ Frame 03EF
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
15252473734373555178
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Jun 2022 14:58:22 GMT
bat.js
bat.bing.com/ Frame 03EF
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F22E2DEA3DA5431988F9E3D394A672B4 Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 29 Jun 2022 14:58:21 GMT
accept-ranges
bytes
content-length
11374
analytics.js
www.google-analytics.com/ Frame 03EF
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6813
date
Wed, 29 Jun 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 29 Jun 2022 15:04:49 GMT
t.js
30531.tctm.co/ Frame 03EF
52 KB
17 KB
Script
General
Full URL
https://30531.tctm.co/t.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:800:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ctm /
Resource Hash
b3d33f918be446899524f68104ed45a66e89ac2e342e60b285fb81106b970eb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 14:58:22 GMT
server
ctm
x-amz-cf-pop
FRA2-C2
etag
W/62bc688e00007743165633cc-30531
x-cache
Miss from cloudfront
content-type
application/x-javascript
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
ujfpeQt9N1c-rXd11ULIPJf-x3dUtvch1xfnhrhH7Qx5Xk5_TveEMA==
tc.min.js
c1.rfihub.net/js/ Frame 03EF
19 KB
6 KB
Script
General
Full URL
https://c1.rfihub.net/js/tc.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7c00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:20:32 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 14:20:22 GMT
server
Jetty(9.3.29.v20201019)
age
2270
x-cache
Hit from cloudfront
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via
1.1 1e498d046330e15095a1a2a958463bf4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
content-length
6162
x-amz-cf-id
8gRD7YcJUWxyHTkoTUss3J9yaqeF_p-0J8BIVy7TJRQB_wOBdj3pKw==
expires
Wed, 29 Jun 2022 15:20:32 GMT
teads-fellow.js
p.teads.tv/ Frame 03EF
17 KB
6 KB
Script
General
Full URL
https://p.teads.tv/teads-fellow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
Date
Wed, 29 Jun 2022 14:58:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Jun 2022 07:41:03 GMT
Server
AmazonS3
x-amz-request-id
8PQNK1VCV7GN975Y
ETag
"a483ab54f15ef5b4755923baf02b68cb"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=283
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5706
x-amz-id-2
2wk7ipVCtLQYwH7fCZEJ1wPx6x0QD/pfs30lsNdPGZa5JBcAbHaO7k0EXFo1p33LjZdjhr47OMA=
TKqKSCG_tk4
www.youtube.com/embed/ Frame 8BBA
0
0

light-pattern.png
www.avera.org/imgs/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/light-pattern.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2194
X-UA-Compatible
IE=Edge,chrome=1
facebook.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/facebook.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2065
X-UA-Compatible
IE=Edge,chrome=1
twitter.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/twitter.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2049
X-UA-Compatible
IE=Edge,chrome=1
youtube.png
www.avera.org/imgs/ahp/ Frame 03EF
3 KB
4 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/youtube.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
3571
X-UA-Compatible
IE=Edge,chrome=1
pinterest.png
www.avera.org/imgs/ahp/ Frame 03EF
2 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/pinterest.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
2270
X-UA-Compatible
IE=Edge,chrome=1
linkedin.png
www.avera.org/imgs/ahp/ Frame 03EF
1 KB
1 KB
Image
General
Full URL
https://www.avera.org/imgs/ahp/linkedin.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/avera.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
1225
X-UA-Compatible
IE=Edge,chrome=1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 03EF
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.avera.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
157827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
TKqKSCG_tk4
www.youtube.com/embed/ Frame CD53
0
0

arrow-up-circle.png
www.avera.org/imgs/ Frame 03EF
1 KB
2 KB
Image
General
Full URL
https://www.avera.org/imgs/arrow-up-circle.png
Requested by
Host: www.avera.org
URL: https://www.avera.org/css-min/client.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/css-min/client.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Fri, 24 Jun 2022 16:23:02 GMT
Server
Microsoft-IIS/8.5
ETag
"0b7dface687d81:0"
Content-Type
image/png
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
1326
X-UA-Compatible
IE=Edge,chrome=1
feeding-south-dakota-food-truck-volunteers.jpg
www.avera.org/app/files/public/82919/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/feeding-south-dakota-food-truck-volunteers.jpg
  • https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
89 KB
90 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
3605c1411f79957f27d1dae87686ce0c6cc0f887cbf5c08c4208d329db7403d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Sun, 26 Jun 2022 18:04:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="feeding-south-dakota-food-truck-volunteers.jpg"
Content-Length
91582
Expires
Wed, 29 Jun 2022 15:03:23 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/82919/feeding-south-dakota-food-truck-volunteers.jpg
Cache-Control
private
Content-Length
187
X-UA-Compatible
IE=Edge,chrome=1
family-and-healthcare-concept.jpg
www.avera.org/app/files/public/82918/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/family-and-healthcare-concept.jpg
  • https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg
52 KB
53 KB
Image
General
Full URL
https://www.avera.org/app/files/public/82918/family-and-healthcare-concept.jpg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
81a8a5fa403010e18fcfd0d01a5209c195c3793caa948afe645c7f3aebbd73f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Last-Modified
Sun, 26 Jun 2022 14:57:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="family-and-healthcare-concept.jpg"
Content-Length
53641
Expires
Wed, 29 Jun 2022 15:03:23 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/82918/family-and-healthcare-concept.jpg
Cache-Control
private
Content-Length
174
X-UA-Compatible
IE=Edge,chrome=1
medical-staff-discussion-at-nurses-station.jpg
www.avera.org/app/files/public/79135/ Frame 03EF
Redirect Chain
  • https://www.avera.org/app/files/public/medical-staff-discussion-at-nurses-station.jpg
  • https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
86 KB
86 KB
Image
General
Full URL
https://www.avera.org/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
38a2e967771266d9d1906db3586b9fecb915af15f2b6c472ac6f7f92661a7e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Last-Modified
Sun, 27 Dec 2020 17:53:00 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
image/jpeg
Cache-Control
public
X-UA-Compatible
IE=Edge,chrome=1
content-disposition
inline;filename="medical-staff-discussion-at-nurses-station.jpg"
Content-Length
88039
Expires
Wed, 29 Jun 2022 15:03:22 GMT

Redirect headers

Date
Wed, 29 Jun 2022 14:58:21 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
Content-Type
text/html; charset=utf-8
Location
/app/files/public/79135/medical-staff-discussion-at-nurses-station.jpg
Cache-Control
private
Content-Length
187
X-UA-Compatible
IE=Edge,chrome=1
image.aspx
69057.global.siteimproveanalytics.io/ Frame 03EF
34 B
620 B
Image
General
Full URL
https://69057.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&title=Avera%20Health&res=1600x1200&accountid=69057&rt=1736&prev=0933de89-7684-1c2a-55d3-af448665d7aa&luid=ac0e08ba-face-6d7f-f05f-86ee67278e60&rnd=9092
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.74.77.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-74-77-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Cache-Control
max-age=0, no-cache="set-cookie"
Expires
Wed, 29 Jun 2022 14:58:22 UTC
Connection
keep-alive
Content-Length
34
Content-Type
image/gif
invoca-latest.min.js
solutions.invocacdn.com/js/ Frame 03EF
124 KB
40 KB
Script
General
Full URL
https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by
Host: 5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
URL: https://5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog/?_x_tr_hp=bafkreigasd7iihvg&_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
kkx8cmGgooMGeimwW4In93s6hIJC6Azb
content-encoding
gzip
last-modified
Tue, 29 Mar 2022 21:07:42 GMT
server
AmazonS3
age
1921
etag
W/"1f44d59b4ca2d82abb2911699e1698a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Wed, 29 Jun 2022 14:26:25 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
E5ZsIsIVeuWj-4pXHMak5Q44iJryzXPYpeDSfNMS7FuERG6vNSP0JQ==
slick.js
www.avera.org/scripts/ Frame 03EF
42 KB
16 KB
Script
General
Full URL
https://www.avera.org/scripts/slick.js
Requested by
Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637874496180000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jun 2022 16:24:00 GMT
Server
Microsoft-IIS/8.5
ETag
"0d071cfe687d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=14400
Accept-Ranges
bytes
Content-Length
15758
X-UA-Compatible
IE=Edge,chrome=1
TKqKSCG_tk4
www.youtube.com/embed/ Frame CD53
64 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1d2352b99cafa21c1b9154bdc16a52dfde107822627759316eceae124ad830f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.avera.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 29 Jun 2022 14:58:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
iframe_api
www.youtube.com/ Frame 03EF
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0217441ee1280cf8b94315b6410c28f97dac9d4e80985c5d1528de90c0745187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 29 Jun 2022 14:58:22 GMT
ca.html
20770730p.rfihub.com/ Frame C8AC
3 KB
3 KB
Document
General
Full URL
https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&ra=7783090647930757
Requested by
Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
0f2b55267e19c1138152ab60d3ea4bc0f56277ac2b60d7c35caf88b8648fa38a

Request headers

Referer
https://www.avera.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
2674
Content-Type
text/html;charset=utf-8
Date
Wed, 29 Jun 2022 14:58:22 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
13006411.js
bat.bing.com/p/action/ Frame 03EF
0
135 B
Script
General
Full URL
https://bat.bing.com/p/action/13006411.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B712446C2824413B9F1529D3B0A40C7D Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 29 Jun 2022 14:58:21 GMT
0
bat.bing.com/action/ Frame 03EF
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=77cf5d52-2466-4e8a-b074-0f05eeb35b18&sid=eb8629b0f7bb11eca595498ad35dfe78&vid=eb866940f7bb11ecbb12993e1737c22a&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Avera%20Health&p=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&r=&lt=1734&evt=pageLoad&ifm=1&msclkid=N&sv=1&rn=291018
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5E1A6D8CA6F8454587C799734B49BC20 Ref B: FRAEDGE1206 Ref C: 2022-06-29T14:58:22Z
date
Wed, 29 Jun 2022 14:58:21 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
advertiser
cm.teads.tv/v2/ Frame 03EF
80 B
423 B
Fetch
General
Full URL
https://cm.teads.tv/v2/advertiser?referer=https%3A%2F%2Fwww.avera.org%2F&buyer_pixel_id=4963
Requested by
Host: p.teads.tv
URL: https://p.teads.tv/teads-fellow.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 14:58:22 GMT
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.avera.org
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
80
Expires
Wed, 29 Jun 2022 14:58:22 GMT
www-widgetapi.js
www.youtube.com/s/player/60c2da65/www-widgetapi.vflset/ Frame 03EF
155 KB
50 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:57:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
66
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51402
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 14:57:16 GMT
tag-live.js
solutions.invocacdn.com/js/networks/1842/1248633193/ Frame 03EF
3 KB
1 KB
Script
General
Full URL
https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by
Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-35.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
og8LYy4F7wYsj7xWF5dblQTTolj4Jr4r
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 20:39:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"91458637d9d9d3064f357ca4faab79db"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/javascript
via
1.1 d8eef512ab23f23f549b4cd25ac5328c.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Wed, 29 Jun 2022 14:58:23 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-id
0fiLrru5J-vvEm9yP72hq5_6BOc52_hoDzRIjRbstze57KtRmJkRNQ==
www-player.css
www.youtube.com/s/player/60c2da65/ Frame CD53
339 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/60c2da65/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 01:50:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
47246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47636
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 01:50:56 GMT
www-embed-player.js
www.youtube.com/s/player/60c2da65/www-embed-player.vflset/ Frame CD53
301 KB
93 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:09:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
6530
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95238
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 29 Jun 2023 13:09:32 GMT
base.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53
2 MB
535 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
151774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547314
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:48 GMT
fetch-polyfill.js
www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/ Frame CD53
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 21:51:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
61617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Jun 2023 21:51:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame CD53
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
78701
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Jun 2023 17:06:41 GMT
track
t.teads.tv/ Frame 03EF
23 B
143 B
Image
General
Full URL
https://t.teads.tv/track?action=pageView&env=js-web&tag_version=5.5.4_dee72da&buyer_pixel_id=4963&referer=https%3A%2F%2Fwww.avera.org%2F&cohort_id=Avera%20Health
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-length
23
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ Frame 03EF
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1656514702541&cv=9&fst=1656514702541&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b238bb6f61a09ba478c37daad75f8e01f21c0a8666183a3a771093cb0c75e003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1068
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame CD53
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5f7b369cfa7395e7b156e5860c348f0a65764ff9571652cb004340c3b92b180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame CD53
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:49:42 GMT
x-content-type-options
nosniff
age
520
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 29 Jun 2022 15:04:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 29 Jun 2022 14:58:22 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD53
63 KB
29 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f388d46554174951340c9c65a87cf902c82ec409bb572113add1e6c5b67f149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
29966
x-xss-protection
0
remote.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53
119 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
151774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37797
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:48:48 GMT
486y80sSt9Sf0OH0l2rh2a_Yw0NOdz-g3SKVK3WgbS0.js
www.google.com/js/th/ Frame CD53
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/486y80sSt9Sf0OH0l2rh2a_Yw0NOdz-g3SKVK3WgbS0.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3ceb2f34b12b7d49fd0e1f4976ae1d9afd8c3434e773fa0dd22952b75a06d2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 13:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
6052
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13912
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 29 Jun 2023 13:17:30 GMT
embed.js
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame CD53
27 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 20:50:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
151652
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8115
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 19:56:18 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 20:50:50 GMT
0056.json
script.crazyegg.com/pages/data-scripts/0031/ Frame 03EF
14 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0031/0056.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d80d61b07064b516b4a794ec7fc0ed401aa1ff0afa689017cdc55e6b85ff6d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
722f851bcdd0914a-FRA
ce-version
11.1.455
content-length
2057
last-modified
Wed, 29 Jun 2022 14:58:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
truncated
/ Frame CD53
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame CD53
3 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLQU33RytyziQUNEP8ULz_yZlOjzDeAcWiFcADe4iQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 12:31:43 GMT
x-content-type-options
nosniff
age
8799
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2727
x-xss-protection
0
server
fife
etag
"v85"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 14 Jun 2022 14:56:26 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/TKqKSCG_tk4/ Frame CD53
37 KB
37 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/TKqKSCG_tk4/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37746
x-xss-protection
0
server
sffe
etag
"1640012890"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 29 Jun 2022 16:58:22 GMT
/
www.google.com/pagead/1p-user-list/1060691714/ Frame 03EF
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1060691714/?random=1656514702541&cv=9&fst=1656511200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=4045782179&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1060691714/ Frame 03EF
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1060691714/?random=1656514702541&cv=9&fst=1656511200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6r0&sendb=1&frm=2&url=https%3A%2F%2Fwww.avera.org%2F&ref=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=4045782179&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
a.rfihub.com/ Frame C8AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyMDk1NzkyOTY2OQ==&forward=
  • https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
42 B
1010 B
Image
General
Full URL
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEAh4R2IXksVCAZUHdyKCCXs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame C8AC
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=18&code=5141210820957929669
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 14:58:22 GMT
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b6dc1c11-5f2f-41e6-91bb-25cd03324f78
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 29 Jun 2022 14:58:22 GMT
X-Proxy-Origin
178.162.209.129; 178.162.209.129; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
43fc3b47-b295-4e72-9ff0-3a8f6e81bec5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5141210820957929669
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C8AC
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5141210820957929669&
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
demconf.jpg
dpm.demdex.net/ Frame C8AC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210820957929669&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
52.51.78.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-78-176.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v035-063a29b33.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/4fkDb+qQHI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v035-0fd79b494.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
O6HsT+WQQ2Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210820957929669&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ps.eyeota.net/ Frame C8AC
Redirect Chain
  • https://p.rfihub.com/cm?pub=24472&in=1
  • https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
0
344 B
Image
General
Full URL
https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
https://ps.eyeota.net/match?uid=5141210820957929669&bid=omt9pi0
Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync.php
contextual.media.net/ Frame C8AC
45 B
616 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Wed, 29 Jun 2022 14:58:22 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Wed, 29 Jun 2022 14:58:22 GMT
serving
bs.serving-sys.com/ Frame C8AC
0
105 B
Image
General
Full URL
https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.187.215 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-187-215.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
content-length
0
p3p
CP="NOI DEVa OUR BUS UNI"
501709.gif
idsync.rlcdn.com/ Frame C8AC
Redirect Chain
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210820957929669&referrer=https%3A%2F%2F5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog%2F
  • https://p.rfihub.com/cm?pub=39342&in=0&userid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Da3dc72d9-49c3-470f-af3d-7885b0879638...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
0
9 B
Image
General
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Location
https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
bpi.rtactivate.com/tag/ Frame C8AC
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=11017&user_id=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.34.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-34-148.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:23 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame C8AC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
43 B
944 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
722f851ced7e9b1c-FRA
pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNuh91hSwMnqgsOcVppRv6gc61ezZrB%2FrsvN%2F3VZenSPI1a1U1s4z8rMS%2BGfMoEGEJHbOxE5pdUuaOmbE4ElTbrg%2Fa6HEhbg92EOjJsko6YaR45FV8XlLiw2Skz001VVRkJuNKNxiEmCHw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RsgaaVQiWPXOHyLCrRnPcTYskPvBdJ8wXJ%2FMFaDu6LkrHWqBuubJOAP%2F4ANeESnpVZpW1Fi19Myb%2B27T%2BSYEoa%2FjkuBzf6FlUS99ahdxHSlD%2F2PeBwSRqz5DP8MyJfWVTyIX69daX2oPwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=57&external_user_id=5141210820957929669&forward=&C=1
cache-control
no-cache
cf-ray
722f851c2c429119-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
360947.gif
idsync.rlcdn.com/ Frame C8AC
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/360947.gif?partner_uid=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rocketfuel_sync
x.dlx.addthis.com/e/ Frame C8AC
43 B
191 B
Image
General
Full URL
https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.90.192.27 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-192-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=2628000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:23 GMT
cache-control
max-age=0, no-cache, no-store
expires
Wed, 29 Jun 2022 14:58:23 GMT
content-length
43
strict-transport-security
max-age=2628000
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame C8AC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
43 B
549 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
120
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Wed, 29 Jun 2022 14:58:22 GMT
Server
nginx
Location
/partner?adv_id=7180&uid=5141210820957929669&img=1&__user_check__=1&sync_id=ebcf6411-f7bb-11ec-acb9-14c817940406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
sync
partners.tremorhub.com/ Frame C8AC
43 B
183 B
Image
General
Full URL
https://partners.tremorhub.com/sync?UIRF=5141210820957929669&r=UQn4tUeNfoYk
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:95d7:83c7:b563:cce1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:23 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
g.pixel
aa.agkn.com/adscores/ Frame C8AC
43 B
377 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.93.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-93-140.eu-west-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:22 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
usermatch.gif
beacon.krxd.net/ Frame C8AC
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210820957929669
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.150.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-150-146.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1656514702
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/ Frame C8AC
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210820957929669&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
43 B
510 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
Protocol
HTTP/1.1
Server
35.211.178.172 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5141210820957929669&expires=30
Date
Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cm
p.rfihub.com/ Frame C8AC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YrxojgAMcC1ZTgAj
  • https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj
42 B
1 KB
Image
General
Full URL
https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
HTTP/1.1
Server
193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://20770730p.rfihub.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 29 Jun 2022 14:58:23 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Wed, 29 Jun 2022 14:58:23 GMT
via
1.1 varnish
server
Varnish
x-timer
S1656514703.049480,VS0,VE0
x-served-by
cache-fra19144-FRA
x-cache
HIT
location
https://p.rfihub.com/cm?in=1&pub=21653&userid=YrxojgAMcC1ZTgAj&_test=YrxojgAMcC1ZTgAj
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame CD53
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Jun 2022 14:58:22 GMT
generate_204
www.youtube.com/ Frame CD53
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?GUGhDg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/TKqKSCG_tk4?enablejsapi=1&origin=https%3A%2F%2Fwww.avera.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
11.1.455.js
script.crazyegg.com/pages/versioned/common-scripts/ Frame 03EF
86 KB
28 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 24 Jun 2022 04:57:06 GMT
server
cloudflare
age
10881
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
cf-ray
722f851cea7a9be8-FRA
content-length
28087
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame CD53
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:15:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15123
x-xss-protection
0
last-modified
Mon, 02 May 2022 15:04:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 30 Jun 2022 10:15:35 GMT
0056.json
script.crazyegg.com/pages/sampling-data-scripts/0031/ Frame 03EF
860 B
422 B
XHR
General
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0031/0056.json?t=460142
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
346fa7cd7e18e5149bd8305eeeab929b467de87e477f67e68e16aac3cb94f5b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 14:58:23 GMT
content-encoding
gzip
cf-cache-status
MISS
cf-ray
722f851d2832914a-FRA
ce-version
11.1.455
content-length
312
last-modified
Wed, 29 Jun 2022 14:58:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame CD53
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af8afee61af15164021120f92b0320516a7c472925d55c3c5f2401e24f5b15ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 29 Jun 2022 14:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 29 Jun 2022 14:58:22 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
healthcheck
pagestates-tracking.crazyegg.com/ Frame 03EF
19 B
419 B
XHR
General
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-115.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 09 Apr 2022 10:11:21 GMT
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
7015623
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
iykS_6dSnMzVgNkqOxUGUxMK8Rdf5a_pURG1V-k5u6q48QM-bwowBQ==
healthcheck
assets-tracking.crazyegg.com/ Frame 03EF
19 B
418 B
XHR
General
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-55.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Thu, 02 Jun 2022 00:59:39 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 13:53:30 GMT
server
AmazonS3
age
2383124
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
19
x-amz-cf-id
Ihplj--59vEPrpoNMf2PiK4oekndLRW7pw_y4wQ5RGDNdEcwNbhDYQ==
58c59a35-eb72-4c79-9c5b-2d172e9e02ac
https://www.avera.org/ Frame 03EF
53 B
0
Other
General
Full URL
blob:https://www.avera.org/58c59a35-eb72-4c79-9c5b-2d172e9e02ac
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
53
Content-Type
text/javascript
clock
tracking.crazyegg.com/ Frame 03EF
29 B
136 B
XHR
General
Full URL
https://tracking.crazyegg.com/clock?t=1656514703167
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.455.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.171.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-171-64.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
fa3161fecf78e06b0e690f590b5d6672360ffa85e9376b8f78c98710bb85969a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avera.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 29 Jun 2022 14:58:23 GMT
cache-control
no-store
server
awselb/2.0
content-length
29
content-type
text/plain
e5c2b8eb-3ecf-4dc5-bd6a-54b1a51fe8cb
https://www.avera.org/ Frame 03EF
218 B
0
Other
General
Full URL
blob:https://www.avera.org/e5c2b8eb-3ecf-4dc5-bd6a-54b1a51fe8cb
Requested by
Host: www.avera.org
URL: https://www.avera.org/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e4e1930fcdb6fa4259027bb2e66913c9cce2bf0998c9a7b58b76b8259bb1e6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length
218
Content-Type
text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/TKqKSCG_tk4
Domain
www.youtube.com
URL
https://www.youtube.com/embed/TKqKSCG_tk4

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _0x29a3 function| _0x40b2 function| _0x2e20a0 string| hash number| n function| goNow object| default_tr function| _DumpException object| userfeedback object| closure_lm_231294 function| $ function| jQuery function| Popper object| bootstrap function| gtElInit string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google object| help object| hgb object| closure_lm_655694

31 Cookies

Domain/Path Name / Value
www.avera.org/ Name: ASP.NET_SessionId
Value: diyyo1j4pnll4w0vllzyhjer
www.avera.org/ Name: mobileview
Value: web
.bing.com/ Name: MUID
Value: 3304E4CB293D64B53902F51928EF6599
30531.tctm.co/ Name: ct30531
Value: 62bc688e00007743165633cc
69057.global.siteimproveanalytics.io/ Name: AWSELBCORS
Value: 1BF185CB12C799AC7E8F30E4356ECAB670474BBE589003797336CE4C220D28A5614DC7EEC747F692D0A0C2A750D9EEAE4C03879C28C5495E651A5552CEF5FE46587B6FE465
.youtube.com/ Name: YSC
Value: 7BMvPeuvlzg
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: IGdr-m1GmRE
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwMrA0Nbc0sjQzsxTiM9Qt90kOcizQzXHPNvADAH-aKvYlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTQyNLAwMrA0Nbc0sjQzsxTiM9Qt90kOcizQzXHPNvADAH-aKvYlAAAA
.casalemedia.com/ Name: CMID
Value: YrxojiocrhlcukhT-WS9kQAA
.casalemedia.com/ Name: CMPS
Value: 5206
.casalemedia.com/ Name: CMPRO
Value: 5206
.adnxs.com/ Name: uuid2
Value: 598789983592342966
.doubleclick.net/ Name: IDE
Value: AHWqTUkF38LJNJVoGRDvwQsR8ypYN0Bg0JE6NokSVQ_Oi1xnql9PSlMFrql5zsJYAl0
.media.net/ Name: visitor-id
Value: 2995163021491310000V10
.media.net/ Name: data-rk
Value: 5141210820957929669~~3
.demdex.net/ Name: demdex
Value: 01232164074525332933612942799980085529
.adnxs.com/ Name: anj
Value: dTM7k!M4/YErk#WF']wIg2C$MiKwgB!]tbPl1MNu::wpAk`W=ii+fWPdX=SDjH2Osieku8XcYra[KI4Y!AXTO:4=sB!%^/O@we7$
.spotxchange.com/ Name: audience
Value: ebcf6389-f7bb-11ec-acb9-14c817940406
.dpm.demdex.net/ Name: dpm
Value: 01232164074525332933612942799980085529
.eyeota.net/ Name: SERVERID
Value: 22683~DM
.rezync.com/ Name: zync-uuid
Value: a3dc72d9-49c3-470f-af3d-7885b0879638:1656514702.82
live.rezync.com/ Name: sd-session-id
Value: .eJwVysEKgjAYAOBXif_cYVtqTegSKxDaL4IgdpGyEVNn4SbhxHfPjh98M1QfNZh7r3oHsRtGtYW606ssxDNY7Y1qIYaQBpRRcmCEh3vOeBRxWLZglbX63Vf6-d-bxzrLHNvS19NNtA5F18iJEPQncy0uRrLMoX8FWCTfVNQhNjJImzPDvKQyz3ZSJGMqkiMsyw_AvTCL.FZ36Dg.89N4EWxYIw8oH1xdTgPD_CfEFGg
.casalemedia.com/ Name: CMTS
Value: 1132
.krxd.net/ Name: _kuid_
Value: O7WskO9q
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YrxojgAMcC1ZTgAj
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAJvFyGtoZmpmamhibmBkYmm2Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYy39zCcBGrQGRRRX5WuqNvsrNhVEi6Y9YqVoQSYwMz002saFZwo3kJjT9J2CjROCXZ3CjFUtfEMtlYFyieppuYZpyia25hYZpkYGFuaWZsYYXQpGdhNEsYyRBLY4NFwqiGPkLjAwBzZWQeiAEAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAFvFKBBZVJGfle7om-xsGBWS7pjVxGKUaJySbG6UYqlrYplsrGtibpCmm5hmnKJrbmFhmmRgYW5pZmxhZWhmamZqCJQ00rMwAgD80rgESAAAAA
.avera.org/ Name: cebs
Value: 1
.avera.org/ Name: cebsp
Value: 1
.avera.org/ Name: _ce.s
Value: v~6871a714c04a006c79f212ab106e2fa2bab587ef~vpv~0~v11.rlc~1656514703323

5 Console Messages

Source Level URL
Text
network error URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/js/jquery-1.11.1.min.js.download
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link/images/favicons
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210820957929669
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=a3dc72d9-49c3-470f-af3d-7885b0879638%3A1656514702.82
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.translate.goog
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu-ipfs-nftstorage-link.translate.goog
69057.global.siteimproveanalytics.io
a.rfihub.com
aa.agkn.com
ajax.googleapis.com
assets-tracking.crazyegg.com
bafkreigasd7iihvg5a5edz2o3ugnqdrsidauf23pm3td4wqmlnuq5l7qnu.ipfs.nftstorage.link
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.teads.tv
code.jquery.com
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idsync.rlcdn.com
jnn-pa.googleapis.com
live.rezync.com
maxcdn.bootstrapcdn.com
p.rfihub.com
p.teads.tv
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pixel.rubiconproject.com
play.google.com
ps.eyeota.net
script.crazyegg.com
siteimproveanalytics.com
solutions.invocacdn.com
stackpath.bootstrapcdn.com
static.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
t.teads.tv
t1.gstatic.com
tracking.crazyegg.com
translate.google.com
translate.googleapis.com
u27352119.ct.sendgrid.net
www.avera.org
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.pngitem.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
www.youtube.com
104.18.19.126
104.89.28.165
104.90.192.27
13.224.189.115
13.224.189.35
13.225.78.123
142.250.185.66
151.101.66.49
167.89.118.35
172.217.18.2
173.208.219.12
185.33.221.14
185.94.180.125
193.0.160.129
2.18.235.93
2001:4de0:ac18::1:a:1a
2600:1f18:612b:4264:95d7:83c7:b563:cce1
2600:9000:21f3:7c00:1:76cf:fe80:93a1
2600:9000:21f3:800:12:de4a:40:93a1
2606:4700::6811:180e
2606:4700::6812:76b
2606:4700::6812:acf
2606:4700::6813:9308
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:806::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2016
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200a
2a06:98c1:3120::3
3.127.178.105
3.65.187.215
3.74.77.177
34.204.34.148
34.250.171.64
34.253.150.146
35.211.178.172
35.244.174.68
52.162.218.125
52.51.78.176
54.76.93.140
69.173.144.165
99.86.4.55
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
0217441ee1280cf8b94315b6410c28f97dac9d4e80985c5d1528de90c0745187
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e4e1930fcdb6fa4259027bb2e66913c9cce2bf0998c9a7b58b76b8259bb1e6c
0f2b55267e19c1138152ab60d3ea4bc0f56277ac2b60d7c35caf88b8648fa38a
0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0
13db9535837b68ad951f79fc71e9344b71a600d397a1bc0032f005ac260ded16
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
15eae2666ea93ea9efacf3498c02bcf8c3b615d22f1653d31504a726a73ca3b3
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
186229667fb519d86383ff429d1582e42121110ca5836aa9d2524cdfffa35934
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f388d46554174951340c9c65a87cf902c82ec409bb572113add1e6c5b67f149
2172033cc841f94e32ca4412cd380e43d873a9e74e54aee03f0d26ed72d20be5
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
2815abcc1ebbaef289b2c054f6e9c342781a29fed7606f0a756f51e11e06a205
29f6bed3647112061811f999ca81614c27688f8f01bdba3d7287a9c8836a67ef
2e0bdc192134bb3950a1ba4c1148901e39ebd8d2d01f64ef23106e90a9f771b0
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
3218dc61f50c1f2dfb0d475b05d2645149c4dea7d416bff22c8af6a975503361
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e5d3676f7cca9d4bc0898299033b5fd8dfa56c917d007a9696355d1c271c26
34213b385cae7b707f5728b6e2a2a8226e45723ea56aa0496c3b34e5582dc439
346fa7cd7e18e5149bd8305eeeab929b467de87e477f67e68e16aac3cb94f5b9
3605c1411f79957f27d1dae87686ce0c6cc0f887cbf5c08c4208d329db7403d6
38a2e967771266d9d1906db3586b9fecb915af15f2b6c472ac6f7f92661a7e14
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
42171d76548498998da88f032aba50a028b9481fd7004a9a3b5d3b8d98fe48a2
448d891b4a6cb2482684807968e24f0afb57c09926fd59f4aac565bb2bc299e5
468a4b0d07ebf83c9fc570555de7ece6182bd070fa5d85110983e928f27f2605
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d80d61b07064b516b4a794ec7fc0ed401aa1ff0afa689017cdc55e6b85ff6d9
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
4e8f5dd6a9303272e072a91dca59a98045daf7df832aaf76e2104899f7f24a6e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50e3ddb1150ec53e199960f53c985fd366459cd235e3493f8220ad5eea1bc8ca
51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
564d2d9cb1733785392951d9805f002539677fc01730f7a5bc51fa8c6cc4d542
567e696f9b3ede076143a8f5931e4b5951ef0d4404456addbfdaf416ec02746e
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
578254b8c8e53db6ffe80754d29a9db454d8818885ac826b11e9b95389618b5b
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5bd1509337ed0340671fe3a20fd38f2bb22718239f709014cdf99f251bd7808c
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5
6553190991765f48d49b0ebb1e6aca187e6e73a9fdcca36d469cf2959fde3ed3
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
6b96eea12a95503b938e26be81037a78006b1ffe000ec6c2aa69a026caab7b79
6c29508e47b449f9003988bf14aa818b0ae6bb835f71684ed1e1dd3d9cb3ae1d
6ca48df6d8db3e41cb4ab81fd3d2dfe447e8ef2950e0a21ea29b759b93116d2c
70b5b48b9621e7af2d0783f2aa0e7a26734476499e6756710794583d864c95b2
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
7cca7f579302e4c17877cd5c652d7fe8b139853077f182dcbae1ef917911ff94
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7fc4e7e24bdfb9955a95e4ff4904f160455ff3ff48fd88aead4bad5153ba0a67
81a8a5fa403010e18fcfd0d01a5209c195c3793caa948afe645c7f3aebbd73f1
81bae4acb15f38092d128a317dcb99da47f27a83eebeb5a9e6e4f8364afe9877
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8b7a865fabf2357352518bb072b270ba3568a87afc6ebb6c103ac891828b2f39
8d266e03af2889d2b1e93df1d976a7e965b7fd696e30aed8ee420a1ccdf5683f
8ff09cd0ee012fe06ed1b67dc914858cde819f21bb479f629994d9e49f3c0049
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
95a003b9b3ad227ee54a136875f3a4e7a9be2123d8d1b8cbe71f64cafc989c19
9728c80f3cf245b8f33e51fe812c822edeefd99466b5cc137f2f760b635a722c
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99294fad3e114681d7504cad26b5d425bf7bb98c82bb4abce603e145ba2e3e17
99bf4aa403643a6d41c028e5db29c79c17cbc815b3e10cd5c6b8f90567a03e52
9a02cca8bf04f3f52aeb08f142a1e18e10cb0f5d65c184f8cf9800399c2b4c44
9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e2d5c67db7e75218040da891cefbef4b6f4d7190cbb7233b775daf24c81dd4
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a6a58f48b5e3335c415ae481226ebc52a48098d3cd9cec7a65ec654584165140
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
a9c87374e4ec256cc7ab841753a48a58afd958317dfb7567982b014977008d1b
ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
af8afee61af15164021120f92b0320516a7c472925d55c3c5f2401e24f5b15ed
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d2352b99cafa21c1b9154bdc16a52dfde107822627759316eceae124ad830f
b238bb6f61a09ba478c37daad75f8e01f21c0a8666183a3a771093cb0c75e003
b3d33f918be446899524f68104ed45a66e89ac2e342e60b285fb81106b970eb3
b40c01e08b557027b0a8bdef7b5eb4987159fc993f619fd2d476548fdedb389e
b5235e4801e655e7d25a202bae251753fc2a4b24e196d35c8f3c03bbd4f1df79
bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c74f0894ecff00c8d7de8177b63bc6a12326738c0e3d2f55367da3b69ffca4d6
c933b53cece56ce24891abe3a2e0cdc4716feb52a662fcc5718f189b5461ff27
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
cfdeb7581f3fd1c3939c601fddbdff2dd2dd390ae39b29dc1f5239b412699fcc
d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75
d96a1eaf45053f482af9839786a143baf958b5351593921477009d8b460cac20
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ceb2f34b12b7d49fd0e1f4976ae1d9afd8c3434e773fa0dd22952b75a06d2d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
e725690313a5ae91171a40d35af22a6cd93f0b8ddef0827030287e61d0a71e58
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0100a76311bfe891d95a47a600573d31b0f29f9e807abe1c73cfbd7a8616b55
f056fde2cca436b7198ce1d2488f31abf0975c8992a090cb2191780a40d28f4d
f168283e82e4fd2fa8adcf4081f0fb941f18eddfbbbd8f79acbad95d08a891c0
f548ff6ad911d8e6bc52c6c8e7c730e5f99d613cc522d04ed2ee7fb1ca040df6
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c15be80ca89a8b5cb49082e802a4acfd48f287903244775b758774f43f82dd
f5f7b369cfa7395e7b156e5860c348f0a65764ff9571652cb004340c3b92b180
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
fa3161fecf78e06b0e690f590b5d6672360ffa85e9376b8f78c98710bb85969a
fbb45adf686a7e3e243893989f592071cc556d29f11fd103e95c6139a185ef3e