Submitted URL: https://click.email.nam.org/?qs=f4dbdcd757b19f75db4c39a30af6190e6fe7dc36162fff520b38d01dce1e325b977a7cb33ab45517a55593a0f3b6...
Effective URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Submission: On June 18 via manual from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 85 HTTP transactions. The main IP is 35.185.223.163, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.ahtins.com. The Cisco Umbrella rank of the primary domain is 231475.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on November 9th 2021. Valid for: a year.
This is the only time www.ahtins.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.180.32 22606 (EXACT-7)
27 35.185.223.163 396982 (GOOGLE-CL...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
4 52.54.96.194 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
4 34.237.219.119 14618 (AMAZON-AES)
2 8 2600:9000:215... 16509 (AMAZON-02)
1 54.154.72.195 16509 (AMAZON-02)
85 18
Apex Domain
Subdomains
Transfer
27 ahtins.com
www.ahtins.com — Cisco Umbrella Rank: 231475
1 MB
20 gstatic.com
fonts.gstatic.com
www.gstatic.com
1 MB
9 adroll.com
s.adroll.com — Cisco Umbrella Rank: 2527
d.adroll.com — Cisco Umbrella Rank: 1630
79 KB
9 google.com
translate.google.com — Cisco Umbrella Rank: 1472
www.google.com — Cisco Umbrella Rank: 9
75 KB
8 pardot.com
go.pardot.com — Cisco Umbrella Rank: 16249
pi.pardot.com — Cisco Umbrella Rank: 4806
213 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
www.linkedin.com — Cisco Umbrella Rank: 527
px4.ads.linkedin.com — Cisco Umbrella Rank: 5965
3 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
translate.googleapis.com — Cisco Umbrella Rank: 1223
82 KB
3 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4381
59 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 953
3 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 6381
1 KB
1 nam.org
click.email.nam.org
264 B
0 commonapro.com Failed
commonapro.com Failed
85 13
Domain Requested by
27 www.ahtins.com www.ahtins.com
15 www.gstatic.com www.ahtins.com
translate.googleapis.com
www.google.com
www.gstatic.com
8 s.adroll.com 2 redirects www.ahtins.com
s.adroll.com
8 www.google.com go.pardot.com
www.gstatic.com
www.google.com
5 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 pi.pardot.com go.pardot.com
pi.pardot.com
4 go.pardot.com www.ahtins.com
go.pardot.com
3 static.addtoany.com www.ahtins.com
static.addtoany.com
2 px.ads.linkedin.com 2 redirects
2 www.google-analytics.com www.ahtins.com
www.google-analytics.com
2 translate.googleapis.com
1 d.adroll.com s.adroll.com
1 px4.ads.linkedin.com www.ahtins.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.ahtins.com
1 ws.zoominfo.com www.ahtins.com
1 fonts.googleapis.com www.ahtins.com
go.pardot.com
1 translate.google.com www.ahtins.com
1 click.email.nam.org 1 redirects
0 commonapro.com Failed www.ahtins.com
85 20
Subject Issuer Validity Valid
*.ahtins.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-11-09 -
2022-11-09
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-04 -
2023-06-03
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
go.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-08 -
2022-11-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
pi.pardot.com
DigiCert TLS RSA SHA256 2020 CA1
2021-11-08 -
2022-11-07
a year crt.sh
s.adroll.com
Amazon
2021-08-02 -
2022-08-31
a year crt.sh
adroll.mgr.consensu.org
Amazon
2021-09-09 -
2022-10-08
a year crt.sh

This page contains 9 frames:

Primary Page: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Frame ID: 3CD3C66B292A89B554B7D9B6E86C6AA9
Requests: 53 HTTP requests in this frame

Frame: https://go.pardot.com/l/369451/2022-01-07/mw6yt
Frame ID: F44106BC6372BC0567C5914FBBC826BC
Requests: 7 HTTP requests in this frame

Frame: https://go.pardot.com/l/369451/2021-03-01/gzsxf
Frame ID: 9D4B515C4EA24483C3E60D42EB74F13D
Requests: 7 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: A8FC80EBD8562A25487F8F14D1A24D84
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 636BBF3E2F5FC3018DA8FFB909748772
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Frame ID: C0F4AD687F8E351BF555A183207BD05E
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Frame ID: 07E82101C11E3279E9E3612BBF0337CD
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Frame ID: 3AFEC9344AAC0E3DAA7AF6116691F14C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Frame ID: 9B6C0A48C9FEF82207A28AF4FE79F7B6
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

NAM Cyber Cover – CRA-Quote Main | AHT Insurance

Page URL History Show full URLs

  1. https://click.email.nam.org/?qs=f4dbdcd757b19f75db4c39a30af6190e6fe7dc36162fff520b38d01dce1e325b977a7cb3... HTTP 302
    https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • (?:a|s)\.adroll\.com

Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

85
Requests

93 %
HTTPS

67 %
IPv6

13
Domains

20
Subdomains

18
IPs

3
Countries

2696 kB
Transfer

6385 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.email.nam.org/?qs=f4dbdcd757b19f75db4c39a30af6190e6fe7dc36162fff520b38d01dce1e325b977a7cb33ab45517a55593a0f3b64432c22326a836a8efc30d565ad7dcf6f7b6 HTTP 302
    https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3048298%252C906074%26time%3D1655575300617%26url%3Dhttps%253A%252F%252Fwww.ahtins.com%252Fnam-cyber-cover-cra-quote-main%252F%253Futm_source%253D261785%2526utm_medium%253Demail%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&liSync=true&e_ipv6=AQKVsw7k3NLfZAAAAYF3-k40O2Lid2zqFTHuj4j0RE2CbYFRYtliDGkfxuxx_H-fKwvjImbUCA
Request Chain 84
  • https://s.adroll.com/j/exp/V3JTXMFWD5B5FEMVTRIMFK/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 85
  • https://s.adroll.com/j/pre/V3JTXMFWD5B5FEMVTRIMFK/FA5ARS33LFEKBA6F7T4EVZ/fpconsent.js HTTP 302
  • https://s.adroll.com/j/pre/index.js

85 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.ahtins.com/nam-cyber-cover-cra-quote-main/
Redirect Chain
  • https://click.email.nam.org/?qs=f4dbdcd757b19f75db4c39a30af6190e6fe7dc36162fff520b38d01dce1e325b977a7cb33ab45517a55593a0f3b64432c22326a836a8efc30d565ad7dcf6f7b6
  • https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
55 KB
12 KB
Document
General
Full URL
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
7ed3a745504e89ee38edb16a6902f6abd161dd398eb3eb322fafb070994415a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=600, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 18:01:39 GMT
link
<https://www.ahtins.com/?p=3648>; rel=shortlink
server
nginx
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 4
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

Cache-Control
private
Connection
close
Content-Length
210
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 18:01:38 GMT
Location
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
gtranslate-style24.css
www.ahtins.com/wp-content/plugins/gtranslate/
693 B
489 B
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/plugins/gtranslate/gtranslate-style24.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 18:18:42 GMT
server
nginx
etag
W/"62a0e802-2b5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.min.css
www.ahtins.com/wp-includes/css/dist/block-library/
81 KB
11 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:30:25 GMT
server
nginx
etag
W/"62443f51-145db"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.ahtins.com/wp-content/plugins/dp-portfolio-posts-pro/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/plugins/dp-portfolio-posts-pro/css/style.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
afcd0c85cfee7b03aa8af3dd391d3b51b4b69d96ea2e0c3bfd6ebdc72583e2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2017 21:33:44 GMT
server
nginx
etag
W/"595eacb8-1b1d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
style.css
www.ahtins.com/wp-content/themes/Divi/
444 KB
56 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/themes/Divi/style.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3af1b121dc932f286e1495579fbc59cda6db6b7d32ffcc8a3277d40b3e021cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 20:11:00 GMT
server
nginx
etag
W/"5fb57fd4-6f152"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
themify-icons.min.css
www.ahtins.com/wp-content/plugins/dflip/assets/css/
14 KB
3 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/plugins/dflip/assets/css/themify-icons.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 18:18:35 GMT
server
nginx
etag
W/"62a0e7fb-3605"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
dflip.min.css
www.ahtins.com/wp-content/plugins/dflip/assets/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/plugins/dflip/assets/css/dflip.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 18:18:35 GMT
server
nginx
etag
W/"62a0e7fb-6932"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
dashicons.min.css
www.ahtins.com/wp-includes/css/
58 KB
35 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-includes/css/dashicons.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
etag
W/"603ffca6-e688"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
addtoany.min.css
www.ahtins.com/wp-content/plugins/add-to-any/
1 KB
669 B
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/plugins/add-to-any/addtoany.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 12:07:14 GMT
server
nginx
etag
W/"61f13972-5ef"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
www.ahtins.com/wp-includes/js/jquery/
87 KB
31 KB
Script
General
Full URL
https://www.ahtins.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
www.ahtins.com/wp-includes/js/jquery/
11 KB
4 KB
Script
General
Full URL
https://www.ahtins.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:39 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
page.js
static.addtoany.com/menu/
72 KB
26 KB
Script
General
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
29442
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
71d5ee7bbc8e8fe2-FRA
cf-bgj
minify
addtoany.min.js
www.ahtins.com/wp-content/plugins/add-to-any/
129 B
316 B
Script
General
Full URL
https://www.ahtins.com/wp-content/plugins/add-to-any/addtoany.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Wed, 26 Jan 2022 12:07:14 GMT
server
nginx
etag
W/"61f13972-81"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ajax-get-post.js
www.ahtins.com/wp-content/plugins/dp-portfolio-posts-pro/js/
2 KB
753 B
Script
General
Full URL
https://www.ahtins.com/wp-content/plugins/dp-portfolio-posts-pro/js/ajax-get-post.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d506ecf0f66315db67dd5d02ef1ba6b3a8572a641a3a2263b55c864bbc961dd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Thu, 06 Jul 2017 21:33:44 GMT
server
nginx
etag
W/"595eacb8-70c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.js
www.ahtins.com/wp-content/plugins/stop-user-enumeration/frontend/js/
486 B
454 B
Script
General
Full URL
https://www.ahtins.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Wed, 20 Apr 2022 18:57:33 GMT
server
nginx
etag
W/"6260579d-1e6"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
et-divi-customizer-global-1655500913.min.css
www.ahtins.com/wp-content/cache/et/global/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.ahtins.com/wp-content/cache/et/global/et-divi-customizer-global-1655500913.min.css
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e9663d7a6b37ddfc9d7f6ad81f77afdfdb13cd11a9c8d7aa972fd09c23985ab8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Fri, 17 Jun 2022 21:21:53 GMT
server
nginx
etag
W/"62acf071-2f1c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
AHT-Logo-White-01.png
www.ahtins.com/wp-content/uploads/2020/12/
78 KB
78 KB
Image
General
Full URL
https://www.ahtins.com/wp-content/uploads/2020/12/AHT-Logo-White-01.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
54766371b93c3c4d57d10bb18d3caec76dc8ca56a55db110be6fa33819ca15fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Mon, 07 Dec 2020 18:47:01 GMT
server
nginx
etag
"5fce78a5-13711"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
79633
NAM_RGB.png
www.ahtins.com/wp-content/uploads/2019/08/
42 KB
42 KB
Image
General
Full URL
https://www.ahtins.com/wp-content/uploads/2019/08/NAM_RGB.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b7f2ac1b4332d18df2e10d7b71cc02601537251e9c0ce54cb2dc0e9c88543aba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Fri, 30 Aug 2019 11:10:54 GMT
server
nginx
etag
"5d69043e-a6cd"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
42701
coalition_logo_inline.png
www.ahtins.com/wp-content/uploads/2019/08/
26 KB
26 KB
Image
General
Full URL
https://www.ahtins.com/wp-content/uploads/2019/08/coalition_logo_inline.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
13c3263d8bb25ff6a012afae05dd34d66a6b2f3f7f5b1cd98ad8a5cda03c16b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Fri, 30 Aug 2019 11:10:59 GMT
server
nginx
etag
"5d690443-68d1"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
26833
AHT_logo_225.png
www.ahtins.com/wp-content/uploads/2019/07/
18 KB
18 KB
Image
General
Full URL
https://www.ahtins.com/wp-content/uploads/2019/07/AHT_logo_225.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd666a89949718bebd25fcfe93dc00e14eed80a8186b20f70f09d71f0d327a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Thu, 25 Jul 2019 13:59:28 GMT
server
nginx
etag
"5d39b5c0-4916"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18710
CA-badge2.svg
commonapro.com/BriskCoder/Pub/Media/img/
0
0

en-us.png
www.ahtins.com/wp-content/plugins/gtranslate/flags/16/
488 B
689 B
Image
General
Full URL
https://www.ahtins.com/wp-content/plugins/gtranslate/flags/16/en-us.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4ac836d19ba59b13f74176339bbb73a752844e528a338bd9340c945d2f2895c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Wed, 08 Jun 2022 18:18:42 GMT
server
nginx
etag
"62a0e802-1e8"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
488
element.js
translate.google.com/translate_a/
76 KB
27 KB
Script
General
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32d8da476334740b7fe6e31a78ca8f58470e4a3cdbfd4c2e28154389482fd7e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
32 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8688d8bd2f7236838a1b86f490b39bf57a09ce96b4a34063695898b536182761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 18:01:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Jun 2022 18:01:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Jun 2022 18:01:40 GMT
custom.min.js
www.ahtins.com/wp-content/themes/Divi/js/
240 KB
58 KB
Script
General
Full URL
https://www.ahtins.com/wp-content/themes/Divi/js/custom.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
27bba2f1915a6fd4393d2370077e792a9d805c0319383a656846b24c3e61dbff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 20:11:00 GMT
server
nginx
etag
W/"5fb57fd4-3c17e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
dflip.min.js
www.ahtins.com/wp-content/plugins/dflip/assets/js/
125 KB
40 KB
Script
General
Full URL
https://www.ahtins.com/wp-content/plugins/dflip/assets/js/dflip.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
09f2ff5cd11b1e37a29b2935d9fcadfb7fa18d0982c22e22626d990bdcc661ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Wed, 08 Jun 2022 18:18:35 GMT
server
nginx
etag
W/"62a0e7fb-1f586"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
common.js
www.ahtins.com/wp-content/themes/Divi/core/admin/js/
1 KB
752 B
Script
General
Full URL
https://www.ahtins.com/wp-content/themes/Divi/core/admin/js/common.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e04ba77c47bc3a299b8dc20a36b3c3bc5f64d629bb43e39ced7eef17dc9b19f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 20:11:03 GMT
server
nginx
etag
W/"5fb57fd7-4c4"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
611d5233766fa2001c84444f
ws.zoominfo.com/pixel/
2 KB
1 KB
Script
General
Full URL
https://ws.zoominfo.com/pixel/611d5233766fa2001c84444f
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dbd207341715a75c305595a31000d8a044cba9b815c5653805b4b0a1dc4b0f21
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
71d5ee7bcb8a0208-ZRH
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for
via
1.1 google
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5c7b:c24a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 18:01:40 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=24723
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
mw6yt
go.pardot.com/l/369451/2022-01-07/ Frame F441
10 KB
3 KB
Document
General
Full URL
https://go.pardot.com/l/369451/2022-01-07/mw6yt
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
41c9bbceca54fedd98ffeb4f489947d529f4c3bcb0efb0e9cc85d63fc6f0280d

Request headers

Referer
https://www.ahtins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
2704
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 18:01:40 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy-report-only
sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-scripts allow-top-navigation allow-top-navigation-by-user-activation
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
gzsxf
go.pardot.com/l/369451/2021-03-01/ Frame 9D4B
23 KB
5 KB
Document
General
Full URL
https://go.pardot.com/l/369451/2021-03-01/gzsxf
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
1e299898ff73cd3787728e9ac7742ab0ef2225ac42aca10b1a1c59d65f65d020

Request headers

Referer
https://www.ahtins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
4767
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Jun 2022 18:01:41 GMT
Server
PardotServer
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-security-policy-report-only
sandbox allow-downloads allow-forms allow-modals allow-orientation-lock allow-pointer-lock allow-popups allow-popups-to-escape-sandbox allow-presentation allow-scripts allow-top-navigation allow-top-navigation-by-user-activation
expires
Thu, 19 Nov 1981 08:52:00 GMT
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
pragma
no-cache
vary
Accept-Encoding,User-Agent
x-pardot-rsp
0/0/1
switcher.png
www.ahtins.com/wp-content/plugins/gtranslate/
207 B
407 B
Image
General
Full URL
https://www.ahtins.com/wp-content/plugins/gtranslate/switcher.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Wed, 08 Jun 2022 18:18:42 GMT
server
nginx
etag
"62a0e802-cf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
207
arrow_down.png
www.ahtins.com/wp-content/plugins/gtranslate/
208 B
408 B
Image
General
Full URL
https://www.ahtins.com/wp-content/plugins/gtranslate/arrow_down.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Wed, 08 Jun 2022 18:18:42 GMT
server
nginx
etag
"62a0e802-d0"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
208
modules.ttf
www.ahtins.com/wp-content/themes/Divi/core/admin/fonts/
90 KB
90 KB
Font
General
Full URL
https://www.ahtins.com/wp-content/themes/Divi/core/admin/fonts/modules.ttf
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/wp-content/themes/Divi/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ec91979583b005e1b2a5fe7cf71052792398e9dbbba2d6cba3962b2a5e5ded85

Request headers

Referer
https://www.ahtins.com/wp-content/themes/Divi/style.css
Origin
https://www.ahtins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Wed, 18 Nov 2020 20:11:03 GMT
server
nginx
etag
"5fb57fd7-168bc"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
92348
translateelement.css
translate.googleapis.com/translate_static/css/
18 KB
4 KB
Stylesheet
General
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.kHeuKops2cQ.O/d=1/rs=AN8SPfooC0u7PLpzPnPbEwO2OCiQio13gQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
96
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3130
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 19:45:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 18 Jun 2022 19:00:04 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.kHeuKops2cQ.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpdaHQq3SKGvJpPuFaAbwyXpVyMzw/
224 KB
76 KB
Script
General
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.kHeuKops2cQ.O/am=Ag/d=1/exm=el_conf/ed=1/rs=AN8SPfpdaHQq3SKGvJpPuFaAbwyXpVyMzw/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.de.kHeuKops2cQ.O/d=1/rs=AN8SPfooC0u7PLpzPnPbEwO2OCiQio13gQ/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b36a5d53ddfbf65fefb6c44604bf6038cabee669fb77a80721113d581d2a8430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 07:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
78017
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 21:13:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 07:51:07 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4353
date
Sat, 18 Jun 2022 16:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 18:49:07 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3048298%252C906074%26time%3D1655575300617%26url%3Dhttps%253A%252F%252Fwww.ahtins....
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demai...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Dema...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&liSync=true&e_ipv6=AQKVsw7k3NLfZAAAAYF3-k40O2Lid2zqFTHuj4j0RE2CbYFRYtliDGkfxuxx_H-fKwvjImbUCA
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:43 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: CCCFBCAF4DC640CBA0F04294EBA5F30C Ref B: FRAEDGE1215 Ref C: 2022-06-18T18:01:42Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhvKnZx5A0FccrP/aNHA==
x-li-fabric
prod-lor1

Redirect headers

date
Sat, 18 Jun 2022 18:01:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 7D363D2AC0AD4E9B826BB29E6EC8A895 Ref B: FRAEDGE1515 Ref C: 2022-06-18T18:01:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3048298%2C906074&time=1655575300617&url=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&liSync=true&e_ipv6=AQKVsw7k3NLfZAAAAYF3-k40O2Lid2zqFTHuj4j0RE2CbYFRYtliDGkfxuxx_H-fKwvjImbUCA
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhvKnBPwk6ysGxZMus9g==
sm.23.html
static.addtoany.com/menu/ Frame A8FC
741 B
554 B
Document
General
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ahtins.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
383577
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
71d5ee7cfe698fe2-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 18:01:40 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e4s
x-content-type-options
nosniff
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic#038;subset=latin,latin-ext,cyrillic,greek,vietnamese,greek-ext,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ahtins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
452702
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:16:38 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic#038;subset=latin,latin-ext,cyrillic,greek,vietnamese,greek-ext,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ahtins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:37 GMT
x-content-type-options
nosniff
age
348843
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23236
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:04:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:37 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7COpen+Sans%3A300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic#038;subset=latin,latin-ext,cyrillic,greek,vietnamese,greek-ext,cyrillic-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.ahtins.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
348866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
icons.30.svg.js
static.addtoany.com/menu/svg/
77 KB
33 KB
Script
General
Full URL
https://static.addtoany.com/menu/svg/icons.30.svg.js
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
19046871
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 10 Nov 2021 01:49:04 GMT
server
cloudflare
etag
W/"132a9-5d0656e4a26b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=315360000, immutable
cf-ray
71d5ee7d7ce6cc56-ZRH
cf-bgj
minify
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1916396252&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=NAM%20Cyber%20Cover%20%E2%80%93%20CRA-Quote%20Main%20%7C%20AHT%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=732757082&gjid=2138617421&cid=1781727763.1655575301&tid=UA-29598311-1&_gid=1989472185.1655575301&_r=1&_slc=1&z=520437369
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ahtins.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 18:01:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.ahtins.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
factory-1137993_1920bw.jpg
www.ahtins.com/wp-content/uploads/2019/08/
548 KB
549 KB
Image
General
Full URL
https://www.ahtins.com/wp-content/uploads/2019/08/factory-1137993_1920bw.jpg
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.223.163 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
163.223.185.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
90ac167f441318f856b674666a45ab4d27c80e388c11c596327db7aa2090f0a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:40 GMT
last-modified
Fri, 30 Aug 2019 10:53:08 GMT
server
nginx
etag
"5d690014-89041"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
561217
piUtils.js
go.pardot.com/js/ Frame F441
341 KB
99 KB
Script
General
Full URL
https://go.pardot.com/js/piUtils.js?ver=2021-09-20
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2022-01-07/mw6yt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/l/369451/2022-01-07/mw6yt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 18:01:41 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Thu, 16 Jun 2022 05:18:41 GMT
Server
PardotServer
etag
"555a1-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Transfer-Encoding
chunked
Connection
keep-alive
accept-ranges
bytes
expires
Mon, 17 Jun 2024 18:01:41 GMT
api.js
www.google.com/recaptcha/ Frame F441
850 B
965 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2022-01-07/mw6yt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 18:01:41 GMT
css
fonts.googleapis.com/ Frame F441
0
0

piUtils.js
go.pardot.com/js/ Frame 9D4B
341 KB
99 KB
Script
General
Full URL
https://go.pardot.com/js/piUtils.js?ver=2021-09-20
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2021-03-01/gzsxf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-96-194.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/l/369451/2021-03-01/gzsxf
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 18:01:41 GMT
content-encoding
gzip
X-Pardot-Route
e8229a0ff18ebffc83a98010d2521dd5
last-modified
Thu, 16 Jun 2022 05:18:41 GMT
Server
PardotServer
etag
"555a1-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Transfer-Encoding
chunked
Connection
keep-alive
accept-ranges
bytes
expires
Mon, 17 Jun 2024 18:01:41 GMT
api.js
www.google.com/recaptcha/ Frame 9D4B
850 B
573 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2021-03-01/gzsxf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 18:01:41 GMT
css
fonts.googleapis.com/ Frame 9D4B
0
0

truncated
/ Frame 636B
2 KB
2 KB
Document
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/
846 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:41:37 GMT
x-content-type-options
nosniff
age
1204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 18 Jun 2023 17:41:37 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/
910 B
1023 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 14:04:16 GMT
x-content-type-options
nosniff
age
14245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 18 Jun 2023 14:04:16 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:43:12 GMT
x-content-type-options
nosniff
age
1109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 18 Jun 2023 17:43:12 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame F441
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.pardot.com/
Origin
https://go.pardot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame C0F4
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8d568516a7b22c601da2235f74a0f55cbefe8c054c36fea003b01b822963027
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XDHjPCwmfBCtBsBQUf_x5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://go.pardot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22693
content-security-policy
script-src 'report-sample' 'nonce-XDHjPCwmfBCtBsBQUf_x5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 18:01:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C0F4
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C0F4
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 9D4B
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://go.pardot.com/
Origin
https://go.pardot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame 07E8
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a651095f03fb8cf143b680523b8ea0ec1a98ce4f89584e3ae3a8eced9ab4e7de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nYhwo1M2nL3yfGUOWaIwhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://go.pardot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22952
content-security-policy
script-src 'report-sample' 'nonce-nYhwo1M2nL3yfGUOWaIwhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 18:01:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame C0F4
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C0F4
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C0F4
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
342113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C0F4
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
348900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame C0F4
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=87clvyn2tmv9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 18:01:41 GMT
pd.js
pi.pardot.com/ Frame F441
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2022-01-07/mw6yt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 18:01:42 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 16 Jun 2022 05:18:41 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Mon, 17 Jun 2024 18:01:42 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 07E8
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 07E8
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3AFE
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aec654176fbd4326e2d0ff673ee9ee7a1062f7073e9994a3e8ccc774df4dd4fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N6MBqTVo46an3Hiq5oGc3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://go.pardot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1114
content-security-policy
script-src 'report-sample' 'nonce-N6MBqTVo46an3Hiq5oGc3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 18:01:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 3AFE
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 3AFE
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
truncated
/ Frame 07E8
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 07E8
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 07E8
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
342114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 07E8
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
348901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 07E8
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ&co=aHR0cHM6Ly9nby5wYXJkb3QuY29tOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=504y1knvctmp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 18:01:42 GMT
pd.js
pi.pardot.com/ Frame 9D4B
5 KB
2 KB
Script
General
Full URL
https://pi.pardot.com/pd.js
Requested by
Host: go.pardot.com
URL: https://go.pardot.com/l/369451/2021-03-01/gzsxf
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 18:01:42 GMT
content-encoding
gzip
X-Pardot-Route
16b0ab393667a33fe86adedc3141e88c
last-modified
Thu, 16 Jun 2022 05:18:41 GMT
Server
PardotServer
etag
"1547-gzip"
vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
cache-control
max-age=63072000
Connection
keep-alive
accept-ranges
bytes
Content-Length
1946
expires
Mon, 17 Jun 2024 18:01:42 GMT
analytics
pi.pardot.com/ Frame F441
50 B
705 B
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19190&account_id=370451&title=&url=https%3A%2F%2Fgo.pardot.com%2Fl%2F369451%2F2022-01-07%2Fmw6yt&referrer=https%3A%2F%2Fwww.ahtins.com%2F
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 18 Jun 2022 18:01:43 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
Connection
keep-alive
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9B6C
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3a07ed01728a97e3a6d4f52e004efed64b49eed1cb7b74718607dfb53d0f067
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p2xId33JK9cZLfaKO_jenA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://go.pardot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1112
content-security-policy
script-src 'report-sample' 'nonce-p2xId33JK9cZLfaKO_jenA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 18:01:42 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 9B6C
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 9B6C
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6LfVnCYTAAAAAB4x9xlkeTsV8CO6np5UMhNjRNNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 17:40:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1293
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 18 Jun 2023 17:40:09 GMT
analytics
pi.pardot.com/ Frame 9D4B
50 B
705 B
Script
General
Full URL
https://pi.pardot.com/analytics?ver=3&pi_form=true&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=19190&account_id=370451&title=&url=https%3A%2F%2Fgo.pardot.com%2Fl%2F369451%2F2021-03-01%2Fgzsxf&referrer=https%3A%2F%2Fwww.ahtins.com%2F
Requested by
Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-219-119.compute-1.amazonaws.com
Software
PardotServer /
Resource Hash
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://go.pardot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 18 Jun 2022 18:01:43 GMT
X-Pardot-Route
9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp
0/0/1
vary
User-Agent
Connection
keep-alive
p3p
CP="CAO DSP AND SO ON" policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains
Content-Type
text/javascript; charset=utf-8
Content-Length
50
Server
PardotServer
expires
Thu, 19 Nov 1981 08:52:00 GMT
roundtrip.js
s.adroll.com/j/
51 KB
17 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.ahtins.com
URL: https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdf2548659475edf6d8a64f3995611a01e349e330783ea5a1aeba2c18b04266e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
vcd4XbNE_Pl2Teljt1ugU4ZCn1lsldzi
Content-Encoding
gzip
Etag
W/"7e7fdff9ecd026f868e5a44b75a4c8e3"
Age
1752
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Jun 2022 18:27:02 GMT
Server
AmazonS3
Date
Sat, 18 Jun 2022 17:32:36 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
lHz1cOJknz9FcOHJNXy1orny7KdTtJqO1UVAz0KixYSCQLp6farjig==
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/V3JTXMFWD5B5FEMVTRIMFK/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
762 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
QCXe6z8Ijv28a3Z6pj7cPKMX4fdClAik
Via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
Etag
"5816cced8568d223aa09d889f300692b"
Age
63455
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28
Last-Modified
Wed, 18 May 2022 19:09:46 GMT
Server
AmazonS3
Date
Sat, 18 Jun 2022 11:47:53 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
s0ksmZUu3zkKyoNuU2rpkW1R_tG9WYqr4ZWyKOtW0oylqAqvuDXnig==

Redirect headers

Date
Sat, 18 Jun 2022 10:27:05 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Age
27277
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
LElyvDBaiplN7fJoGYSWdQzyVopIzyRRUECfTeg1gY-KpCT6ptjeKA==
index.js
s.adroll.com/j/pre/
Redirect Chain
  • https://s.adroll.com/j/pre/V3JTXMFWD5B5FEMVTRIMFK/FA5ARS33LFEKBA6F7T4EVZ/fpconsent.js
  • https://s.adroll.com/j/pre/index.js
0
733 B
Script
General
Full URL
https://s.adroll.com/j/pre/index.js
Protocol
HTTP/1.1
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Etag
"d41d8cd98f00b204e9800998ecf8427e"
Age
77465
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Last-Modified
Wed, 15 Jan 2020 23:54:18 GMT
Server
AmazonS3
Date
Fri, 17 Jun 2022 20:30:58 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
eBVezwgBJtyQQipY302mUgW8tfL-1fEe9IxAdCshOgv4J9_QJmS7Kw==

Redirect headers

Date
Sat, 18 Jun 2022 10:27:05 GMT
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Age
27277
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
0
Server
AmazonS3
Location
https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
jINHR7z72WlTvzWKcycsPY7bM_wk1Odm1y-leKr0iOwzXGvzvlVw9Q==
index.js
s.adroll.com/j/pre/V3JTXMFWD5B5FEMVTRIMFK/FA5ARS33LFEKBA6F7T4EVZ/
4 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/pre/V3JTXMFWD5B5FEMVTRIMFK/FA5ARS33LFEKBA6F7T4EVZ/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
8MtBdnHroZvfzd9d65dOSNisYJx9l59G
Content-Encoding
gzip
Etag
W/"33ed216ef4569e95a97e55fb39d91d38"
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
600
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 17 Jun 2022 10:26:45 GMT
Server
AmazonS3
Date
Sat, 18 Jun 2022 18:01:45 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
4T7cXAzkVRTvu7zBmemV-NrvZX5O4oKFVSbCfGgQwDUQ45M8WWg-gA==
V3JTXMFWD5B5FEMVTRIMFK
d.adroll.com/consent/check/
439 B
532 B
Script
General
Full URL
https://d.adroll.com/consent/check/V3JTXMFWD5B5FEMVTRIMFK?arrfrr=https%3A%2F%2Fwww.ahtins.com%2Fnam-cyber-cover-cra-quote-main%2F%3Futm_source%3D261785%26utm_medium%3Demail&_s=15f33057c78f67df6d74e2d2a29b9488&_b=2
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.72.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-72-195.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
0733f3aa2ee78357b43a6794d7e1018d66bd32ed9a05c5ca68d93c883a09583a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 18:01:43 GMT
server
nginx/1.20.0
content-length
439
content-type
application/javascript
consent_tcfv2.js
s.adroll.com/j/
410 KB
55 KB
Script
General
Full URL
https://s.adroll.com/j/consent_tcfv2.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Content-Encoding
gzip
Etag
W/"0a7d0ea8d7d31b07e925fe340acf431b"
Age
228
X-Amz-Server-Side-Encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Vary
Accept-Encoding
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Last-Modified
Wed, 04 May 2022 19:41:48 GMT
Server
AmazonS3
Date
Sat, 18 Jun 2022 17:57:56 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
K_GI4YlGqwmpJTqSf0XbCUdJXX15ZY9fFHT8B0MB2Wx06Ib-NgcArA==
nextroll-32x32.png
s.adroll.com/i/favicon/
2 KB
2 KB
Image
General
Full URL
https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:b400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.ahtins.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-Amz-Version-Id
eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
Etag
"403a0a7dcf2d617e7ea852bfb9d11945"
Age
601
X-Amz-Server-Side-Encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
1615
Last-Modified
Mon, 28 Jun 2021 18:19:21 GMT
Server
AmazonS3
Date
Sat, 18 Jun 2022 17:51:43 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
X-Amz-Cf-Id
HYvEmi-RZQ-7A9vCljAwKTSy7lAQAOZFaaZSdSDbfPJW6SjUuj42MA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
commonapro.com
URL
https://commonapro.com/BriskCoder/Pub/Media/img/CA-badge2.svg
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300
Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300

Verdicts & Comments Add Verdict or Comment

186 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation string| et_site_url string| et_post_id function| et_core_page_resource_fallback undefined| $ function| jQuery object| a2a_config string| dFlipLocation object| dFlipWPGlobal string| _linkedin_partner_id object| _linkedin_data_partner_ids string| adroll_adv_id string| adroll_pix_id function| googleTranslateElementInit2 function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google function| GTranslateGetCurrentLang function| GTranslateFireEvent function| doGTranslate object| et_animation_data string| GoogleAnalyticsObject function| ga object| et_shortcodes_strings object| et_pb_custom object| et_pb_box_shadow_elements function| lintrk boolean| _already_called_lintrk object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2afeed_init function| et_shortcodes_init boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css function| et_pb_init_modules function| et_pb_debounce function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu object| salvattore function| Waypoint object| ET_SmoothScroll boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ziws object| DFLIP object| PRESENTATION function| ThumbList function| BookMarkViewer function| DFLightBox function| PDFLinkService object| FindStates number| FIND_SCROLL_OFFSET_TOP number| FIND_SCROLL_OFFSET_LEFT object| CHARACTERS_TO_NORMALIZE object| TWEEN object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_pb_audio_module_init function| et_countdown_timer function| et_countdown_timer_labels function| et_apply_parallax function| et_parallax_set_height function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height number| window_width function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_calculate_header_values function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init object| closure_lm_282046 boolean| __adroll_loaded number| $logo_width string| waypointContextKey string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data object| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| __adroll_consent_adv_country object| $jscomp string| BANNER_VERSION string| TCF_VERSION string| IABWRITE_NO_COOKIE object| __adroll_consent_banner boolean| __adroll_consent_prev_lastchild function| __cmp function| __tcfapi

12 Cookies

Domain/Path Name / Value
.ws.zoominfo.com/ Name: visitorId
Value: abb0e0e257b82427b5444590dd253dfe6d2b11c208fb19ca0c36b5f8910de00d
.ahtins.com/ Name: _ga
Value: GA1.2.1781727763.1655575301
.ahtins.com/ Name: _gid
Value: GA1.2.1989472185.1655575301
.ahtins.com/ Name: _gat
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQJhhT_HC2TpsQAAAYF3-kyOAXK1Dtyylr8rNt4XXuZR-NDKdXbjS142_DHtnB2utJpuWYSnFXaU0A
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJSDF4BxoOp7wAAAYF3-kyOs9BVLEyPnR7dkpcu2j-Aj2Ke_uXmB5l4XeZXmoOslkvOQ4-IGDHdOgcF2NH5bw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&db5a109e-577a-4468-8e69-369d23a8b4be"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2722:u=1:x=1:i=1655575301:t=1655661701:v=2:sig=AQHVqJRRJ8CvLyod82RloxohE0vo5aZu"
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202206181801414b802737-66e1-4128-82cd-f12eb93cb27fAQG4bOO4T-PV2Ra-dnW_Dpygi4VY_6iq"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTU1NzUzMDE7MjswMjEJohXJc9s2jG9uXwGC6fUJ7+34PflOXQXpAQwVhkqigQ==

13 Console Messages

Source Level URL
Text
network error URL: https://commonapro.com/BriskCoder/Pub/Media/img/CA-badge2.svg
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security error URL: https://go.pardot.com/l/369451/2022-01-07/mw6yt
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://go.pardot.com/l/369451/2022-01-07/mw6yt(Line 7)
Message:
Mixed Content: The page at 'https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://go.pardot.com/l/369451/2021-03-01/gzsxf
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://go.pardot.com/l/369451/2021-03-01/gzsxf(Line 7)
Message:
Mixed Content: The page at 'https://www.ahtins.com/nam-cyber-cover-cra-quote-main/?utm_source=261785&utm_medium=email' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Open+Sans+Condensed:300'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 317)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 317)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 330)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 330)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 368)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 330)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 330)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.
security error URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js(Line 368)
Message:
The Content Security Policy directive 'sandbox' is ignored when delivered in a report-only policy.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

click.email.nam.org
commonapro.com
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
go.pardot.com
pi.pardot.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.adroll.com
snap.licdn.com
static.addtoany.com
translate.google.com
translate.googleapis.com
ws.zoominfo.com
www.ahtins.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.linkedin.com
commonapro.com
fonts.googleapis.com
13.107.42.14
13.111.180.32
2600:9000:2156:b400:6:9280:1080:93a1
2606:4700:10::ac43:2794
2606:4700::6810:650c
2620:1ec:21::14
2a00:1450:4001:80f::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:831::200e
2a02:26f0:ef::5c7b:c24a
34.237.219.119
35.185.223.163
52.54.96.194
54.154.72.195
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516
0733f3aa2ee78357b43a6794d7e1018d66bd32ed9a05c5ca68d93c883a09583a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
09f2ff5cd11b1e37a29b2935d9fcadfb7fa18d0982c22e22626d990bdcc661ae
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13c3263d8bb25ff6a012afae05dd34d66a6b2f3f7f5b1cd98ad8a5cda03c16b8
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e299898ff73cd3787728e9ac7742ab0ef2225ac42aca10b1a1c59d65f65d020
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
226456d9a9eef8f0831b6b181be100a49cbaec1651a8bd45d7d0cc897d161538
27bba2f1915a6fd4393d2370077e792a9d805c0319383a656846b24c3e61dbff
32d8da476334740b7fe6e31a78ca8f58470e4a3cdbfd4c2e28154389482fd7e7
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
419d6e9bdaf94d2758192e1312e13ffc6b885f2c37a36734f1dd414abee83a2c
41c9bbceca54fedd98ffeb4f489947d529f4c3bcb0efb0e9cc85d63fc6f0280d
41f1e9970b646aadac0f40543bb08b21e49990bf1b09392d1ef4d71b275069ea
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4ac836d19ba59b13f74176339bbb73a752844e528a338bd9340c945d2f2895c5
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
52cf06797c66d59d2428883cb27b5b083eed8b73ff8e0e11af86ee162e11ad2c
54766371b93c3c4d57d10bb18d3caec76dc8ca56a55db110be6fa33819ca15fb
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
732a85650cf73f86d42d3b89bf9139c2f1bd66db55555c4778ebf4e78e8a0dce
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7ed3a745504e89ee38edb16a6902f6abd161dd398eb3eb322fafb070994415a8
8688d8bd2f7236838a1b86f490b39bf57a09ce96b4a34063695898b536182761
8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e
90ac167f441318f856b674666a45ab4d27c80e388c11c596327db7aa2090f0a7
91144fbcc0e3f609b021e362ec29d2a9b58f15e840f229eb99ea2c04d927882b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a651095f03fb8cf143b680523b8ea0ec1a98ce4f89584e3ae3a8eced9ab4e7de
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aec654176fbd4326e2d0ff673ee9ee7a1062f7073e9994a3e8ccc774df4dd4fc
afcd0c85cfee7b03aa8af3dd391d3b51b4b69d96ea2e0c3bfd6ebdc72583e2d7
b36a5d53ddfbf65fefb6c44604bf6038cabee669fb77a80721113d581d2a8430
b7f2ac1b4332d18df2e10d7b71cc02601537251e9c0ce54cb2dc0e9c88543aba
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdf2548659475edf6d8a64f3995611a01e349e330783ea5a1aeba2c18b04266e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cd666a89949718bebd25fcfe93dc00e14eed80a8186b20f70f09d71f0d327a45
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d506ecf0f66315db67dd5d02ef1ba6b3a8572a641a3a2263b55c864bbc961dd0
dbd207341715a75c305595a31000d8a044cba9b815c5653805b4b0a1dc4b0f21
dcf430710cdd1359115293f45d5023b2a560aef8a2c1e59d578b8b1e10a216d3
e04ba77c47bc3a299b8dc20a36b3c3bc5f64d629bb43e39ced7eef17dc9b19f1
e051e0747e00cbf46985db2f3d8017641dd2e9bb729dfbddd01b99ab0d3983f5
e3a07ed01728a97e3a6d4f52e004efed64b49eed1cb7b74718607dfb53d0f067
e3af1b121dc932f286e1495579fbc59cda6db6b7d32ffcc8a3277d40b3e021cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9663d7a6b37ddfc9d7f6ad81f77afdfdb13cd11a9c8d7aa972fd09c23985ab8
ec91979583b005e1b2a5fe7cf71052792398e9dbbba2d6cba3962b2a5e5ded85
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8d568516a7b22c601da2235f74a0f55cbefe8c054c36fea003b01b822963027
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47