midwesthearingagency.com Open in urlscan Pro
131.153.44.48  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Page URL
2. https://midwesthearingagency.com/benefits-of-midwest-complete Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://app-3qnkr3w3g8.marketingautomation.services/prospector/form/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o HTTP 302
• https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o

Request Chain 37

• https://s.adroll.com/j/exp/ZSGGXALNCNANFEQIFE4RUL/index.js HTTP 302
• https://s.adroll.com/j/exp/index.js

Request Chain 38

• https://s.adroll.com/j/pre/ZSGGXALNCNANFEQIFE4RUL/VDBF6FBR75A3BEZRDNSJ4Q/fpconsent.js HTTP 302
• https://s.adroll.com/j/pre/index.js

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
-1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	lp1.aspx Show response www.cfmediaview.com/	703 B 1 KB	845ms 589ms	Document text/html	192.132.30.226 THRIVE-EAST2
General Check archive.org Show headers Download Go to Full URL https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 192.132.30.226 Johnston, United States, ASN55189 (THRIVE-EAST2, US), Reverse DNS 192.132.30.226.corpitsol.com Software Microsoft-IIS/8.5 / ASP.NET Resource Hash 16c1bb635c5b2aed53fe320d46d179bebfa860f103b60cb84e316d0244c919c2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Cache-Control private Content-Type text/html; charset=utf-8 Content-Encoding gzip Vary Accept-Encoding Server Microsoft-IIS/8.5 X-AspNet-Version 4.0.30319 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"); Referrer-Policy unsafe-url Refresh 0; URL='https://midwesthearingagency.com/benefits-of-midwest-complete' X-Powered-By ASP.NET Date Mon, 20 Dec 2021 14:14:55 GMT Content-Length 548
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	138ms 51ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-6532125-2 Requested by Host: www.cfmediaview.com URL: https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83be769e5a9bdb6ff90f05c494e44f944a97fd9dc9768c3815355364a7c8ec80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:45 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36312 x-xss-protection 0 last-modified Mon, 20 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 14:14:45 GMT
GET H2	200	analytics.js www.google-analytics.com/	49 KB 20 KB	125ms 37ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-6532125-2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2391 date Mon, 20 Dec 2021 13:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 20 Dec 2021 15:34:54 GMT
GET H/1.1	200 OK	Primary Request benefits-of-midwest-complete Show response midwesthearingagency.com/	17 KB 17 KB	1106ms 901ms	Document text/html	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / PHP/7.4.12 Resource Hash 02bf750f8dfec22eab22cced22d9e180c9a86645942141de1238a0f836b0c03e Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Response headers Date Mon, 20 Dec 2021 14:14:45 GMT Server Apache X-Powered-By PHP/7.4.12 Cache-Control no-cache, private X-Frame-Options SAMEORIGIN Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H2	200	collect www.google-analytics.com/j/	1 B 209 B	46ms 45ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=645828981&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=557749322&gjid=757836372&cid=987714840.1640009686&tid=UA-6532125-2&_gid=651949115.1640009686&_r=1&gtm=2ouc10&tc=x&z=244075841 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:45 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.cfmediaview.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	jquery.js Show response midwesthearingagency.com/concrete/js/	95 KB 95 KB	302ms 97ms	Script application/javascript	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/concrete/js/jquery.js?ccm_nocache=ca17add95b11d1baf3d74fcd3fa4637fb02c14ba Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Wed, 03 Apr 2019 20:14:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 97163
GET H/1.1	200 OK	font-awesome.css midwesthearingagency.com/concrete/css/	30 KB 31 KB	168ms 94ms	Stylesheet text/css	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/concrete/css/font-awesome.css?ccm_nocache=ca17add95b11d1baf3d74fcd3fa4637fb02c14ba Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 1a93bc35ec0b525dffa555be6e3b451e59527878dd8db7db4ca3ffb808ebe3de Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:46 GMT Last-Modified Wed, 03 Apr 2019 20:14:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 31023
GET H/1.1	200 OK	jquery-ui.css midwesthearingagency.com/concrete/css/	16 KB 16 KB	263ms 93ms	Stylesheet text/css	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/concrete/css/jquery-ui.css?ccm_nocache=ca17add95b11d1baf3d74fcd3fa4637fb02c14ba Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash ce4bc908df00c0e57889606fd7cc4a562529ea7509ef61c2e63061e106c2ec35 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Wed, 03 Apr 2019 20:14:56 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 16427
GET H/1.1	200 OK	bootstrap.min.css midwesthearingagency.com/application/themes/midwesthearingagency/css/	119 KB 119 KB	298ms 97ms	Stylesheet text/css	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/css/bootstrap.min.css Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Fri, 17 Jul 2020 03:37:32 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 121457
GET H/1.1	200 OK	custom.css midwesthearingagency.com/application/themes/midwesthearingagency/css/	22 KB 23 KB	301ms 100ms	Stylesheet text/css	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 0c0222dd57cc0d5413ac93136699b166c333054853d772f9908eb95bc2958e7c Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Sun, 21 Nov 2021 18:27:58 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 22842
GET H2	200	blank.png gtranslate.net/flags/	95 B 760 B	54ms 24ms	Image image/png	2606:4700:3037::ac43:9feb CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://gtranslate.net/flags/blank.png Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:9feb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 736863 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 95 last-modified Wed, 23 May 2018 22:32:56 GMT server cloudflare etag "3950a-5f-56ce71dc13b46" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAL5WYLkKD5FkVDzpHlf2cW%2FSuo4FHmVWTXvS22OkdSzDuaPQfKpbl1meqA8DmoUXdRpEg%2FoUThAGPSym999Mda5FHbbzY2IDJ6%2BEvWX54dpwBYS85N9qydZItn893aFnzc2deKCBpUHj6a2hg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=864000 accept-ranges bytes cf-ray 6c097aa23f756903-FRA expires Wed, 22 Dec 2021 01:33:44 GMT
GET H2	200	element.js Show response translate.google.com/translate_a/	77 KB 27 KB	138ms 55ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e0c9b75c748366571a6d138025a9c906c4cf9348e406a375e3c19fac31bd6dff Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	logo-midwest-hearing-agency.svg midwesthearingagency.com/application/themes/midwesthearingagency/img/	15 KB 15 KB	101ms 99ms	Image image/svg+xml	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Show image Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/img/logo-midwest-hearing-agency.svg Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash e57aede7c3f4992895f9aa00aced7685c28517c3869b6aec9e1c8a0ddfc2029e Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Mon, 10 Aug 2020 00:43:45 GMT Server Apache Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 15190
GET H/1.1	200 OK	mother-daughter.jpg midwesthearingagency.com/application/files/6816/3392/7875/	62 KB 62 KB	98ms 98ms	Image image/jpeg	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Show image Full URL https://midwesthearingagency.com/application/files/6816/3392/7875/mother-daughter.jpg Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 235c8bfa8733acdd51a01f9472d32ba850e6e7256339903c4de94f551597d2a0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Mon, 11 Oct 2021 04:51:15 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 63009
GET H/1.1	200 OK	woman-headset.jpg midwesthearingagency.com/application/files/2316/3392/6606/	52 KB 52 KB	174ms 97ms	Image image/jpeg	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Show image Full URL https://midwesthearingagency.com/application/files/2316/3392/6606/woman-headset.jpg Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash f7faee26a3139bd442de00730e920f4e57c4ba1037add8046d3dd26da557e8a4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Mon, 11 Oct 2021 04:30:06 GMT Server Apache Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 53236
GET H2	200	form.js Show response koi-3qnkr3w3g8.marketingautomation.services/client/	3 KB 1 KB	190ms 116ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://koi-3qnkr3w3g8.marketingautomation.services/client/form.js?ver=2.0.1 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 14b63cf8d762d7118924d182b7f6bd9a45ca408b13dfeaca8da0735f26a70e85 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:42 GMT server openresty etag W/"61bcba06-a49" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.11.3/	94 KB 33 KB	125ms 40ms	Script text/javascript	2a00:1450:4001:809::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 13:50:39 GMT content-encoding gzip x-content-type-options nosniff age 1448 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33507 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 20 Dec 2022 13:50:39 GMT
GET H/1.1	200 OK	jquery-ui.js Show response midwesthearingagency.com/concrete/js/	179 KB 179 KB	104ms 102ms	Script application/javascript	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/concrete/js/jquery-ui.js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 5d1296e02e95ef8b563cf40c8bf486451bc4889a5f5f191a4896a8da5cc70aa3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Wed, 03 Apr 2019 20:14:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 183207
GET H/1.1	200 OK	bootstrap.min.js Show response midwesthearingagency.com/application/themes/midwesthearingagency/js/	39 KB 39 KB	104ms 101ms	Script application/javascript	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/js/bootstrap.min.js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Fri, 17 Jul 2020 03:37:32 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 39680
GET H/1.1	200 OK	jquery-ui.js Show response midwesthearingagency.com/concrete/js/	179 KB 179 KB	99ms 97ms	Script application/javascript	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/concrete/js/jquery-ui.js?ccm_nocache=ca17add95b11d1baf3d74fcd3fa4637fb02c14ba Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 5d1296e02e95ef8b563cf40c8bf486451bc4889a5f5f191a4896a8da5cc70aa3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Wed, 03 Apr 2019 20:14:56 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 183207
GET H/1.1	200 OK	js Show response midwesthearingagency.com/ccm/assets/localization/jquery/ui/	45 B 335 B	521ms 519ms	Script application/javascript	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/ccm/assets/localization/jquery/ui/js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / PHP/7.4.12 Resource Hash 2d44ee9295de3ac0f6792ead63a3dfcd612770a806147b8ddb4dc51e33b1ccec Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Server Apache X-Powered-By PHP/7.4.12 X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=UTF-8 Cache-Control no-cache, private Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 45
GET H2	200	hotjar-1955862.js Show response static.hotjar.com/c/	4 KB 2 KB	25ms 7ms	Script application/javascript	52.222.236.3 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1955862.js?sv=6 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.3 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-3.fra56.r.cloudfront.net Software / Resource Hash 25824385a82e108140811bd11ba0f203d546c15087bdcdc515455e1a2ac29f8f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:24 GMT content-encoding br x-content-type-options nosniff age 23 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 1876 access-control-allow-origin * cache-control max-age=60 etag W/00f2018840ff930371958d23182b1365 vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 3431ec594cac61983aae2d9ffaf23981.cloudfront.net (CloudFront) x-cache-hit 1 x-amz-cf-pop FRA56-P4 x-amz-cf-id 7OAeYi7mw6PF2Vtf6g1t791KtpHRg113m6KPeyR2p2etO2IHMeiIRA==
GET H3	200	gtm.js Show response www.googletagmanager.com/	171 KB 61 KB	105ms 60ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5BRQ6S8 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 15c8d1ee2470bbf3b0a2c6096d799afa5d4db1ef8638e18028bc024e9fcb3233 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62830 x-xss-protection 0 last-modified Mon, 20 Dec 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 20 Dec 2021 14:14:47 GMT
GET H2	200	1.css fast.fonts.net/t/	0 601 B	78ms 37ms	Stylesheet text/css	2606:4700::6811:e14e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fast.fonts.net/t/1.css?apiType=css&projectid=d78dddb1-23a3-4d09-888f-2de5820c646f Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT cf-cache-status HIT age 1401 cf-ray 6c097aa24cc72b89-FRA content-length 0 x-amz-id-2 fT3eEwaRQrYtVA5YHtCIzwe8FPqVaivNJy/akqArAQU/Aeob2SL07zjPVPDkactG298ACRND/qI= last-modified Tue, 23 Mar 2021 12:59:23 GMT server cloudflare etag "d41d8cd98f00b204e9800998ecf8427e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id BWKK0WPNQTB2AT7Q cache-control public, max-age=0, s-maxage=604800 accept-ranges bytes content-type text/css; charset=utf-8 x-amz-meta-mtime 1519217722
GET H2	200	modules.cbd9b920d05cd9e47f57.js Show response script.hotjar.com/	227 KB 60 KB	24ms 8ms	Script application/javascript	18.66.112.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1955862.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-111.fra56.r.cloudfront.net Software / Resource Hash 2a76024584e2692938f4dd0feb5b77e96a0bdc93d8661f8c855a7546125552f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Wed, 08 Dec 2021 15:36:06 GMT content-encoding br x-content-type-options nosniff age 1031921 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 60953 access-control-allow-origin * last-modified Wed, 08 Dec 2021 15:35:08 GMT etag "7a85a2a595def8796a50e919e49cda7a" vary Accept-Encoding content-type application/javascript via 1.1 604f8ac78ed3ba5235c1a14794f2ac65.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA56-P5 accept-ranges bytes x-robots-tag none x-amz-cf-id 7XIpQ3bsAm528e_0wp6y6OxNiD_ngAPQi87GT77JsUjr1WbLeBIfDg==
GET H/1.1	200 OK	flags.png midwesthearingagency.com/application/themes/earserv/img/	57 KB 58 KB	215ms 97ms	Image image/png	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Show image Full URL https://midwesthearingagency.com/application/themes/earserv/img/flags.png Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 37c5cadd65da50f1423ff9163ea382eef6e4719f442776646e3dc2b1ca5c349d Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/benefits-of-midwest-complete User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Tue, 09 Mar 2021 16:18:00 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 58849
GET H/1.1	200 OK	b3915bfd-58a8-4f7e-b38f-262d3cac55e1.woff2 midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/	35 KB 35 KB	128ms 108ms	Font font/woff2	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/b3915bfd-58a8-4f7e-b38f-262d3cac55e1.woff2 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 9f44f646100b20c6fbae1a5a1ee70e05b98842a57da099ab79e7c3dcf7586bcf Request headers Referer https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Tue, 21 Jul 2020 23:57:28 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 35504
GET H/1.1	200 OK	e843ecbd-4830-44a4-a280-c2500c9d3fdb.woff2 midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/	32 KB 33 KB	173ms 94ms	Font font/woff2	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/e843ecbd-4830-44a4-a280-c2500c9d3fdb.woff2 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash bb7af14194b9c22d08992f5a1d1178751f01cb6013ca378ed174dd86c9322f91 Request headers Referer https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Tue, 21 Jul 2020 23:57:24 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 33132
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	41ms 41ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BRQ6S8 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 2393 date Mon, 20 Dec 2021 13:34:54 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Mon, 20 Dec 2021 15:34:54 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	37 KB 14 KB	154ms 65ms	Script text/javascript	172.217.16.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BRQ6S8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.16.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS zrh04s06-in-f130.1e100.net Software cafe / Resource Hash 9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14328 x-xss-protection 0 server cafe etag 12503521247758841375 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 20 Dec 2021 14:14:47 GMT
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/	45 KB 15 KB	29ms 11ms	Script text/javascript	2600:9000:225e:400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/roundtrip.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BRQ6S8 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c3f2ab52b3d6c9aa91f70abee6b043536572dbd61df0a4692fae2ea3fa370ae6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers X-Amz-Version-Id MWqkRO6_H6LFWMG7znvACDwpQU7EEcnz Content-Encoding gzip Etag W/"c74adc5a38d928e9ea66fc212e89e1a7" Age 463 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Vary Accept-Encoding Via 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront) Last-Modified Wed, 15 Dec 2021 16:55:15 GMT Server AmazonS3 Date Mon, 20 Dec 2021 14:07:04 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Access-Control-Allow-Headers * X-Amz-Cf-Id pHNySRCum-8H-wBDRxHMU_xmKRQEHRJm1RLZIu3sMdCAIJ1A04Zk6A==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	23ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.cfmediaview.com URL: https://www.cfmediaview.com/lp1.aspx?v=5_65908345_8155_1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 content-length 25965 x-xss-protection 0 pragma public x-fb-debug 2TReEsJkEmmiAeMBAQa1dpNYxDTIqKeSIwsw2xXouO+k/Puffkh4YaX98GSA6bh5ReepRSUrCvmK9DVM4JnPdA== x-fb-trip-id 686109401 x-frame-options DENY date Mon, 20 Dec 2021 14:14:47 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	swap.js Show response cdn.callrail.com/companies/901504282/8618d17c7f376b4cf58a/12/	32 B 312 B	332ms 110ms	Script text/javascript	3.210.187.106 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://cdn.callrail.com/companies/901504282/8618d17c7f376b4cf58a/12/swap.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BRQ6S8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.187.106 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-187-106.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash d18beba8a6db32dd84b24258cf6542acca7684b030e529ef2977198993400c4b Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-runtime 0.007229 date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip server nginx/1.18.0 (Ubuntu) etag W/"d18beba8a6db32dd84b24258cf6542ac" content-type text/javascript; charset=utf-8 status 200 OK cache-control max-age=3600, public timing-allow-origin * x-request-id 94563441-9aa6-4455-aedf-2bfd8ed60034
GET H2	200	translateelement.css translate.googleapis.com/translate_static/css/	18 KB 4 KB	140ms 40ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/translate_static/css/translateelement.css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.j5NLV82Sl0c.O/d=1/rs=AN8SPfphobZaSED_OFCGoT0ierVVitUhTQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5d0a6e3bc914db376bf187c380750b197c317e1bf40fab9ad959ad5facd8f9ed Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:08:49 GMT content-encoding br x-content-type-options nosniff age 358 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3130 x-xss-protection 0 last-modified Wed, 24 Feb 2021 19:45:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css access-control-allow-origin * cache-control public, max-age=3600 accept-ranges bytes expires Mon, 20 Dec 2021 15:08:49 GMT
GET H2	200	m=el_main Show response translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.j5NLV82Sl0c.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpHXsOBCz0Pt47PjbseeIJqpUxpIw/	225 KB 225 KB	142ms 43ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.de.j5NLV82Sl0c.O/am=AQ/d=1/exm=el_conf/ed=1/rs=AN8SPfpHXsOBCz0Pt47PjbseeIJqpUxpIw/m=el_main Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.de.j5NLV82Sl0c.O/d=1/rs=AN8SPfphobZaSED_OFCGoT0ierVVitUhTQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c526de4309c6f37e56f6ade582559dc5fc9476bb0fcaf6b40b6797e803608b89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:08:48 GMT x-content-type-options nosniff age 359 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 229958 x-xss-protection 0 last-modified Tue, 14 Dec 2021 16:11:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 20 Dec 2022 14:08:48 GMT
GET H/1.1	200 OK	cb23a886-31be-4b27-8066-bcffc1b403e7.woff2 midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/	33 KB 33 KB	109ms 97ms	Font font/woff2	131.153.44.48 SS-ASH
General Check archive.org Show headers Download Go to Full URL https://midwesthearingagency.com/application/themes/midwesthearingagency/fonts/optima-lt/cb23a886-31be-4b27-8066-bcffc1b403e7.woff2 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 131.153.44.48 Ashburn, United States, ASN19437 (SS-ASH, US), Reverse DNS server.ESCO.vps Software Apache / Resource Hash 9eeaf8f01e77f6d552a36984548b723250ed92b9a0f7de1409a23594e74e314b Request headers Referer https://midwesthearingagency.com/application/themes/midwesthearingagency/css/custom.css Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Date Mon, 20 Dec 2021 14:14:47 GMT Last-Modified Tue, 21 Jul 2020 23:57:26 GMT Server Apache Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 33420
GET H2	200	SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA Show response app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/ Frame EF8C Redirect Chain https://app-3qnkr3w3g8.marketingautomation.services/prospector/form/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_6... https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908...	39 KB 40 KB	138ms 138ms	Document text/html	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Requested by Host: koi-3qnkr3w3g8.marketingautomation.services URL: https://koi-3qnkr3w3g8.marketingautomation.services/client/form.js?ver=2.0.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software nginx/1.21.4 / Resource Hash 5271354cdde48c8ae70553ea10ac46ad9f11cd4b4ac4cd629932b016e8649071 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ Response headers server nginx/1.21.4 date Mon, 20 Dec 2021 14:14:47 GMT content-type text/html content-length 40409 x-guploader-uploadid ADPycdvT2QkCkeoxbLL7us1MCr161qVdzmcNBWgxtgcIAewswsIAcKNE1P-HE4w3bQvsbhKYy2_PKr9oliA5N5CQAw cache-control no-cache expires Tue, 20 Dec 2022 14:14:47 GMT last-modified Fri, 15 Oct 2021 00:00:25 GMT etag "1b024885f66cec046f28902bde952092" x-goog-generation 1634256025762765 x-goog-metageneration 1 x-goog-stored-content-encoding identity x-goog-stored-content-length 40409 x-goog-hash crc32c=CJ7Gkw== md5=GwJIhfZs7ARvKJAr3pUgkg== x-goog-storage-class MULTI_REGIONAL accept-ranges bytes via 1.1 google alt-svc clear Redirect headers server openresty date Mon, 20 Dec 2021 14:14:47 GMT content-type text/html; charset=UTF-8 pod-hostname koi-7b8f78b55d-n5j6n location https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o x-xss-protection 1; mode=block x-clacks-overhead GNU Terry Pratchett via 1.1 google alt-svc clear
GET H2	200	1filmcr21 Show response embed.tawk.to/61738ef486aee40a5737f4fd/	2 KB 979 B	49ms 18ms	Script application/x-javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf6f41e85dc09114c488398ecec3d1363255658858bf52554f8b1cb4a9b711d1 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT server cloudflare age 1400 etag W/"stable-v4-61adcafd0e1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=7200, s-maxage=3600 strict-transport-security max-age=0; includeSubDomains; preload cf-ray 6c097aa3ace6701f-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/exp/ Redirect Chain https://s.adroll.com/j/exp/ZSGGXALNCNANFEQIFE4RUL/index.js https://s.adroll.com/j/exp/index.js	28 B 763 B	8ms 8ms	Script application/javascript	2600:9000:225e:400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/exp/index.js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Server 2600:9000:225e:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers X-Amz-Version-Id VxC0v7SN4NsT_sJxZYoy27yA4ALlRfhC Via 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront) Etag "5816cced8568d223aa09d889f300692b" Age 121294 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 28 Last-Modified Mon, 18 Oct 2021 21:07:54 GMT Server AmazonS3 Date Sun, 19 Dec 2021 23:44:43 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id J9Lk0U3oabdhulAEit4NHwjvHFkvtpZRgn6yXIXK4q29rhWSEm5mbg== Redirect headers Date Sun, 19 Dec 2021 17:53:38 GMT Via 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront) Age 73269 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/exp/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Access-Control-Allow-Headers * X-Amz-Cf-Id kkqJq2nPAE6_LIIU6L3yDACxcxnun-fjhrjQaUHtLO6SyqMsFjgPYg==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ Redirect Chain https://s.adroll.com/j/pre/ZSGGXALNCNANFEQIFE4RUL/VDBF6FBR75A3BEZRDNSJ4Q/fpconsent.js https://s.adroll.com/j/pre/index.js	0 734 B	8ms 8ms	Script application/javascript	2600:9000:225e:400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/index.js Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol HTTP/1.1 Server 2600:9000:225e:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers X-Amz-Version-Id nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy Via 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 122693 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Wed, 15 Jan 2020 23:54:18 GMT Server AmazonS3 Date Sun, 19 Dec 2021 18:19:20 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/javascript Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id KMshrTqeDIQRX8Rt35vM8IYFGJrLsmMBrzdW4L2hQ2ZtYWYhemOLVg== Redirect headers Date Sun, 19 Dec 2021 17:53:38 GMT Via 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront) Age 73269 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Server AmazonS3 Location https://s.adroll.com/j/pre/index.js Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type application/xml Access-Control-Allow-Origin * Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Access-Control-Allow-Headers * X-Amz-Cf-Id EUSKeldWabsSOWsqwDmyx91_khpKEHIsUR2ClWFot_jY4-ntJPGyPA==
GET H/1.1	200 OK	index.js Show response s.adroll.com/j/pre/ZSGGXALNCNANFEQIFE4RUL/VDBF6FBR75A3BEZRDNSJ4Q/	0 786 B	24ms 8ms	Script text/javascript	2600:9000:225e:400:6:9280:1080:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/pre/ZSGGXALNCNANFEQIFE4RUL/VDBF6FBR75A3BEZRDNSJ4Q/index.js Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:400:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers X-Amz-Version-Id JS2fCx4DKDGFuJI8oSayDnlnhkX.FOoj Via 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront) Etag "d41d8cd98f00b204e9800998ecf8427e" Age 1401 X-Amz-Server-Side-Encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 0 Last-Modified Fri, 17 Dec 2021 21:31:45 GMT Server AmazonS3 Date Mon, 20 Dec 2021 14:14:26 GMT Access-Control-Max-Age 600 Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false X-Amz-Cf-Pop FRA60-P4 Accept-Ranges bytes Access-Control-Allow-Headers * X-Amz-Cf-Id gecD8HZIgy2GJ96xOUrVzfXRWm5lCQUWLF0AW-vxsHVxkuhPcw_avw==
GET H3	200	314801716297030 Show response connect.facebook.net/signals/config/	305 KB 87 KB	65ms 55ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/314801716297030?v=2.9.48&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b6eedfaabf3cc85f58f07eb3a4d480bfc5634a4f7c1c9d3fa6dab7f470b43b12 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug uXLQf2LxKQU+jCKLG2UxUf9szSRnOD73LxCC8UAOD7yTuPEu/xhdg4CIdq6mcWgZRhxN8Yw+Ma1yKMTsuNyyOw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 20 Dec 2021 14:14:47 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	46ms 45ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=803471780&t=pageview&_s=1&dl=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&dr=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&ul=en-us&de=UTF-8&dt=The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=15872156&gjid=1622584222&cid=355268205.1640009688&tid=UA-174942456-1&_gid=1760212729.1640009688&_r=1&gtm=2wgc105BRQ6S8&z=2062099799 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://midwesthearingagency.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	46ms 45ms	XHR text/plain	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=803471780&t=pageview&_s=1&dl=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&dr=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&ul=en-us&de=UTF-8&dt=The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=83630600&gjid=1773850131&cid=355268205.1640009688&tid=UA-60887507-14&_gid=1760212729.1640009688&_r=1&gtm=2wgc105BRQ6S8&z=325308556 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://midwesthearingagency.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	58ms 18ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-174942456-1&cid=355268205.1640009688&jid=15872156&gjid=1622584222&_gid=1760212729.1640009688&_u=YEBAAAAAAAAAAC~&z=1616651519 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 20 Dec 2021 14:14:47 GMT content-type text/plain access-control-allow-origin https://midwesthearingagency.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	56ms 19ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-60887507-14&cid=355268205.1640009688&jid=83630600&gjid=1773850131&_gid=1760212729.1640009688&_u=YEDAAEABAAAAAC~&z=761874560 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 20 Dec 2021 14:14:47 GMT content-type text/plain access-control-allow-origin https://midwesthearingagency.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 295 B	29ms 14ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=314801716297030&ev=PageView&dl=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&rl=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&if=false&ts=1640009687703&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1640009687701.1754039465&it=1640009687600&coo=false&rqm=GET Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 content-length 44 expires Mon, 20 Dec 2021 14:14:47 GMT
GET H2	200	ZSGGXALNCNANFEQIFE4RUL Show response d.adroll.com/consent/check/	396 B 489 B	92ms 34ms	Script application/javascript	108.128.45.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/ZSGGXALNCNANFEQIFE4RUL?arrfrr=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&_s=140ca4e4107214d1f5b560dbd1201500&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.128.45.100 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-108-128-45-100.eu-west-1.compute.amazonaws.com Software nginx/1.20.0 / Resource Hash 332a362f21c57ad406cb74ca4e5becd58c718e45a06749ab25ea53b56062ae37 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT server nginx/1.20.0 content-length 396 content-type application/javascript
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/605840202/	2 KB 2 KB	142ms 52ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/605840202/?random=1640009687711&cv=9&fst=1640009687711&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&ref=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&tiba=The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6a9fdd08f4b7195c13d8286e5109c9743df4d9b72a9e3a8f3a5812f18905e8dc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1090 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	146ms 63ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-174942456-1&cid=355268205.1640009688&jid=15872156&_u=YEBAAAAAAAAAAC~&z=1734768078 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	150ms 66ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-174942456-1&cid=355268205.1640009688&jid=15872156&_u=YEBAAAAAAAAAAC~&z=1734768078 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	146ms 64ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60887507-14&cid=355268205.1640009688&jid=83630600&_u=YEDAAEABAAAAAC~&z=2020764280 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	149ms 66ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-60887507-14&cid=355268205.1640009688&jid=83630600&_u=YEDAAEABAAAAAC~&z=2020764280 Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/605840202/	42 B 154 B	54ms 53ms	Image image/gif	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/605840202/?random=1640009687711&cv=9&fst=1640008800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&ref=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&tiba=The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency&async=1&fmt=3&is_vtc=1&random=3638026075&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/605840202/	42 B 154 B	50ms 50ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/605840202/?random=1640009687711&cv=9&fst=1640008800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&ref=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&tiba=The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency&async=1&fmt=3&is_vtc=1&random=3638026075&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers pragma no-cache date Mon, 20 Dec 2021 14:14:47 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	formbasics.css app-3qnkr3w3g8.marketingautomation.services/includes/css/ Frame EF8C	7 KB 2 KB	117ms 117ms	Stylesheet text/css	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/css/formbasics.css Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 24b5668ee7b2174557f042fca06fed448704dd0aa3c115dd6257eb653dc6e035 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:23:58 GMT server openresty etag W/"61bcb99e-1bca" vary Accept-Encoding content-type text/css via 1.1 google pod-hostname app-787c697986-dxvt5 alt-svc clear
GET H2	200	jquery-ui.min.css app-3qnkr3w3g8.marketingautomation.services/includes/css/jquery/ Frame EF8C	31 KB 9 KB	118ms 117ms	Stylesheet text/css	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/css/jquery/jquery-ui.min.css Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash a1756adc350c37ea26d71ee00ad027bbf35204bff9fb040ecfb5c1a64971cffc Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:22:38 GMT server openresty etag W/"61bcb94e-7d0a" vary Accept-Encoding content-type text/css via 1.1 google pod-hostname app-787c697986-6tfqp alt-svc clear
GET H2	200	base.css app-3qnkr3w3g8.marketingautomation.services/includes/css/jquery/datepicker/ Frame EF8C	4 KB 1 KB	117ms 117ms	Stylesheet text/css	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/css/jquery/datepicker/base.css Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 1a47e85dd8ec320d900f14082243d3af1051e6cb4e7fb8ba8807c6b903530e8a Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:22:38 GMT server openresty etag W/"61bcb94e-f70" vary Accept-Encoding content-type text/css via 1.1 google pod-hostname app-787c697986-dxvt5 alt-svc clear
GET H2	200	datetimepicker.css app-3qnkr3w3g8.marketingautomation.services/includes/css/ Frame EF8C	9 KB 3 KB	121ms 120ms	Stylesheet text/css	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/css/datetimepicker.css Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 7379f6d1c8b7eb53ba56a08e3e5f690f4a79ca5a9a940f0b74769cb04d464d98 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:23:58 GMT server openresty etag W/"61bcb99e-237e" vary Accept-Encoding content-type text/css via 1.1 google pod-hostname app-787c697986-6tfqp alt-svc clear
GET H2	200	jquery-1.7.2.min.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	92 KB 38 KB	121ms 120ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 103631f0296614d362e698668390c9c69484dec4579a12380cd0d8a7f197fa70 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:34 GMT server openresty etag W/"61bcb9fe-16fa7" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	jquery.validate.min.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	20 KB 8 KB	123ms 121ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery.validate.min.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash cb775fe5eb4ca95dd6818a5ca65d4ffa1a2327797c5e2677f4d63f34c80ffd37 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:41 GMT server openresty etag W/"61bcba05-5190" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	additional-methods.min.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	17 KB 5 KB	117ms 115ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/additional-methods.min.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 1e6f4e1fb3197d60d5c7f8f7f738deeff94b513f07e0ad5ca7c4ea85479eb4a0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:23 GMT server openresty etag W/"61bcb9f3-4230" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	jquery.form.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	13 KB 5 KB	137ms 135ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery.form.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 2537571109b8e5379ecc8b4c6e60449bf440b6f38e7bc5396e0189eb0512e691 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:41 GMT server openresty etag W/"61bcba05-3248" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	jquery-ui.min.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/ Frame EF8C	248 KB 82 KB	124ms 122ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery-ui-1.12.1/jquery-ui.min.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:22:39 GMT server openresty etag W/"61bcb94f-3dee5" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	datetimepicker.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	37 KB 13 KB	138ms 136ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/datetimepicker.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash b57949e9fc46fd9cd4e6089a9754e54358964a3951063dc41c6705ce04ba46b4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:34 GMT server openresty etag W/"61bcb9fe-94cc" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H2	200	jquery.placeholder.js Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/core/ Frame EF8C	2 KB 924 B	137ms 136ms	Script application/javascript	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery.placeholder.js?ver=5.75-35 Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 796f96485a701d37f12ede7be54f50d257d5fd3b0288f883b08448b1a5dad170 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:25:41 GMT server openresty etag W/"61bcba05-7e6" vary Accept-Encoding content-type application/javascript via 1.1 google cache-control max-age=2592000, public alt-svc clear expires Wed, 19 Jan 2022 14:14:47 GMT
GET H3	200	api.js Show response www.google.com/recaptcha/ Frame EF8C	850 B 578 B	98ms 48ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:47 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 557 x-xss-protection 1; mode=block expires Mon, 20 Dec 2021 14:14:47 GMT
GET H2	200	box-a1ae2079824d1c48aa9ce06efb256f18.html Show response vars.hotjar.com/ Frame 53AC	2 KB 1 KB	24ms 7ms	Document text/html	18.66.139.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1955862.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-117.fra60.r.cloudfront.net Software / Resource Hash d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ Response headers content-type text/html content-length 1044 date Thu, 02 Dec 2021 15:53:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "6215abf691a11c2f451680e635d30daa" last-modified Thu, 02 Dec 2021 15:52:57 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 da78abc509aafffb42eec33ca2dc60d5.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 x-amz-cf-id Y9TuzM1yAZneXEYvRyRrdqdd6hRbzeFlkEgeBpmHC9jN6xLMoIZ-OA== age 1549301
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1955862/	146 B 323 B	94ms 33ms	XHR application/json	99.80.125.216 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1955862/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.cbd9b920d05cd9e47f57.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 99.80.125.216 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-99-80-125-216.eu-west-1.compute.amazonaws.com Software / Resource Hash 1739c041fc4394d8b8b79f708997ba2694f6156bbb410a8f0476a980939bf1de Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H2	200	freeemailproviderlist.json Show response app-3qnkr3w3g8.marketingautomation.services/includes/js/app/ Frame EF8C	75 KB 21 KB	118ms 118ms	Fetch application/json	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/includes/js/app/freeemailproviderlist.json Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/forms-proxy/MzawMDG3sDAxAgA/SzO0TE5NsjTWNbcwMNY1sTBJ07VMSU7WNTAyNbQwM7FINElKAQA?rf__sb=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&instance=2mnn3o Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 388aa70d1f1988f2fb5216833df8b822756d997b51c9ff9d382a58393f423b9c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding gzip last-modified Fri, 17 Dec 2021 16:22:39 GMT server openresty etag W/"61bcb94f-12ab2" vary Accept-Encoding content-type application/json via 1.1 google pod-hostname app-787c697986-dxvt5 alt-svc clear
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame EF8C	348 KB 137 KB	127ms 40ms	Script text/javascript	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer Origin https://app-3qnkr3w3g8.marketingautomation.services Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 12:44:08 GMT content-encoding gzip x-content-type-options nosniff age 5440 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 139097 x-xss-protection 0 last-modified Mon, 13 Dec 2021 05:04:24 GMT server sffe vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin-allow-popups; report-to="recaptcha" expires Tue, 20 Dec 2022 12:44:08 GMT
GET H2	200	f19ceb93-7803-484f-9dcc-02518648a4bd Show response app-3qnkr3w3g8.marketingautomation.services/prospector/getFormData/MzawMDG3sDAxAgA/ Frame EF8C	3 KB 871 B	127ms 126ms	XHR application/json	107.178.240.224 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://app-3qnkr3w3g8.marketingautomation.services/prospector/getFormData/MzawMDG3sDAxAgA/f19ceb93-7803-484f-9dcc-02518648a4bd?rf__sb=https%253A%252F%252Fwww.cfmediaview.com%252Flp1.aspx%253Fv%253D5_65908345_8155_1&instance=2mnn3o&rf__doc=https%3A%2F%2Fmidwesthearingagency.com%2F Requested by Host: app-3qnkr3w3g8.marketingautomation.services URL: https://app-3qnkr3w3g8.marketingautomation.services/includes/js/core/jquery-1.7.2.min.js?ver=5.75-35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.178.240.224 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 224.240.178.107.bc.googleusercontent.com Software openresty / Resource Hash 8e9c7b16eff20851934f7a796b8485e5c828309952c8758b11b336906505dabc Security Headers Name Value X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding gzip x-clacks-overhead GNU Terry Pratchett server openresty access-control-allow-origin * vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json via 1.1 google pod-hostname koi-7b8f78b55d-59z22 alt-svc clear x-xss-protection 1; mode=block
GET H3	200	translate_24dp.png www.gstatic.com/images/branding/product/1x/	846 B 870 B	92ms 39ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/1x/translate_24dp.png Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:03:53 GMT x-content-type-options nosniff age 655 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 846 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 20 Dec 2022 14:03:53 GMT
GET H3	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 934 B	93ms 41ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: midwesthearingagency.com URL: https://midwesthearingagency.com/benefits-of-midwest-complete Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 02:57:11 GMT x-content-type-options nosniff age 40657 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 910 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 20 Dec 2022 02:57:11 GMT
GET H3	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	92ms 41ms	Image image/png	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: translate.googleapis.com URL: https://translate.googleapis.com/translate_static/css/translateelement.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://translate.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 13:40:00 GMT x-content-type-options nosniff age 2088 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1842 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Tue, 20 Dec 2022 13:40:00 GMT
GET H2	200	supportedLanguages Show response translate-pa.googleapis.com/v1/ Frame 8499	14 KB 2 KB	161ms 63ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=de&key=AIzaSyBwiZMnpJaVvcWHlTAcFdNmtrJb_P4aLXc&callback=callback Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 226476a8194032bc968040bcc569a0cea9207958e52412d459c09e3bf9f9ea7d Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type text/javascript; charset=UTF-8 vary Origin, X-Origin, Referer content-length 1213 x-xss-protection 0 expires Mon, 20 Dec 2021 14:14:48 GMT
GET H3	200	twk-main.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	121 B 505 B	43ms 31ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-main.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"da5bb1dc647470204df0e49f5afac2de" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d86e0ebb-FRA
GET H3	200	twk-vendor.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	76 KB 27 KB	48ms 36ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-vendor.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"7dcb496e4882926f93f2e73fa87062c0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d86d0ebb-FRA
GET H3	200	twk-chunk-vendors.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	192 KB 57 KB	64ms 52ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f22599e0d24b748f3aec60adf9492df18846939f6ce308e4e5f69381e8d84088 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"cf569d9832af4fd97c3fff711e9fa129" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d86b0ebb-FRA
GET H3	200	twk-chunk-common.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	138 KB 35 KB	43ms 32ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 933904924e79e827fdc488b13b79beb38a01b64d48671ce82b62c9f65419ab90 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"c5af63ebce0319205496d81655bc9430" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d8660ebb-FRA
GET H3	200	twk-runtime.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	2 KB 1 KB	41ms 30ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a22795598e7834a70f36a718e180cc5d566a871c3b4d8e10e2e860092af9fcf Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"917d1c5b4a1b3097223233ed9cc4514f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d8640ebb-FRA
GET H3	200	twk-app.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	151 B 493 B	41ms 30ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-app.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/61738ef486aee40a5737f4fd/1filmcr21 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1401 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"e736e189edb5d0d9d5b8e7f23dd9114a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aa8d8610ebb-FRA
POST H2	200	register Show response va.tawk.to/	1 KB 2 KB	381ms 177ms	Fetch application/json	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/register Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66558fdb0f68ee6a9ddfc61a9f6b509c8dace0c7cf1dcd66e9c6cf23d66251c1 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://midwesthearingagency.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC p3p CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT' alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by visitor-application-preemptive-jjfs server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload access-control-allow-methods POST,OPTIONS content-type application/json access-control-allow-origin https://midwesthearingagency.com vary Accept-Encoding cache-control no-cache access-control-allow-credentials true cf-ray 6c097aaaca6b1f39-FRA access-control-allow-headers content-type,x-tawk-token
GET H2	200	widget-settings Show response va.tawk.to/v1/	3 KB 1 KB	58ms 49ms	Fetch application/json	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://va.tawk.to/v1/widget-settings?propertyId=61738ef486aee40a5737f4fd&widgetId=1filmcr21&sv=undefined Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36af11aa08e864c0b0fa504b4f7c23a705071bb18bca8dcce60d5b9b9c619fc1 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1399 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by visitor-application-servers-zc8k server cloudflare etag W/"2-6-0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload access-control-allow-methods GET,OPTIONS content-type application/json access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=7200, s-maxage=1800 cf-ray 6c097aa98cb2701f-FRA access-control-allow-headers content-type,x-tawk-token
GET H3	200	en.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/languages/	16 KB 4 KB	65ms 54ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/languages/en.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-common.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2a37b3244a9a215cc8c90b8bc11388c4fd8b2dd23d415acfccf16e3224250d7 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"5a13c5b16c3caf8b986d6b915fd4b13e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aab0fdc4e4a-FRA
GET H3	200	twk-chunk-2d0d2b7c.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	7 KB 2 KB	38ms 37ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0258bf0904baa243eb5f64f1607f3f568ac3aa3290b3f50f673968c71344c37d Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"722cffb3daa1570354cb1b80cb4846c1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe98f4e4a-FRA
GET H3	200	twk-chunk-2d224aff.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	16 KB 5 KB	28ms 27ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d224aff.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8cc67ffca1890f893665ac67d1cb92f6f9886bc63b2a5c47e74be40a8a6ba2a8 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"6706fab732e36ad7168da061e15ca9c8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe9924e4a-FRA
GET H3	200	twk-chunk-f1596d96.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	10 KB 4 KB	18ms 17ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-f1596d96.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 486974c9792917ab23dc7b712fccc068ebbf68c71c9ab9325321fd5350c643dc Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"7ab31362d93cd9403ba656eb650fcac2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe9934e4a-FRA
GET H3	200	twk-chunk-48f46bef.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	16 KB 5 KB	19ms 19ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-48f46bef.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b615bb1b4b553f931f07aa0b25fff28776079afe9bf1b07c5b7d8983d59c10c8 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"45368aac145cc907271bddd98ff38f79" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe9944e4a-FRA
GET H3	200	twk-chunk-4fe9d5dd.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	942 B 818 B	18ms 18ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-4fe9d5dd.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"5f434bdd806571a4e1b385bee9316ff6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe9964e4a-FRA
GET H3	200	twk-chunk-2d0b9454.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	546 B 707 B	18ms 18ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0b9454.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"09c3819d373bd4178a620d721429fada" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe99a4e4a-FRA
GET H3	200	twk-chunk-f163fcd0.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	11 KB 4 KB	19ms 18ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-f163fcd0.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb94ebe9718dddddc412d9054b58d2ec39bea39d4f40e2181bafc4fb21120c19 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"5d825157bfbb4872b9ce8ea19e5eb7e6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe99b4e4a-FRA
GET H3	200	twk-chunk-32507910.js Show response embed.tawk.to/_s/v4/app/61adcafd0e1/js/	69 KB 16 KB	27ms 27ms	Script application/javascript	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-32507910.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-runtime.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b54adfacfbd58ffa1154d771cbb8eea48203698a86d82525590710d0953c495a Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:48 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"a147cbd01f475b3dfee036242da85abd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aabe9a04e4a-FRA
GET H2	200	/ Show response vsb111.tawk.to/s/	101 B 201 B	487ms 475ms	XHR application/octet-stream	2606:4700:10::ac43:2642 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsb111.tawk.to/s/?k=61c08fd83d09d3c1784addcf&cver=0&pop=false&asver=28&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTczOGVmNDg2YWVlNDBhNTczN2Y0ZmQiLCJ2aWQiOiJiNDkwNzhjZDc0ZGM0MTQ4NzQ1OGFlMjcyNTViY2VkNTk5M2IyMDEwMjhlZDRjZmI0NGM4NzNjNmI4MDQ4YzM2IiwiaWF0IjoxNjQwMDA5Njg4LCJleHAiOjE2NDAwMTE0ODgsImp0aSI6Ims5cXlvUVpzQ3RoNlVRWG1BRjU0dCJ9.vy1on_vE3PMWlmzK6WuZ1n4TDlilhSI_ID8gzpXrC5MSeauSEZfWNk1p4tdIhRbNlvSxbU2GpfrD2YMrhymlVQ&EIO=3&transport=polling&__t=NtOCUTp Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eca6ba78aa77dcbeba47ccf0c45aa06a2f72721232737a3da13e66f2d8603009 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://midwesthearingagency.com access-control-allow-credentials true cf-ray 6c097aac0c971f39-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 101
GET H3	200	min-widget.css embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 10F5	24 KB 5 KB	23ms 23ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/min-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34533e0e1da75160a7daf8a64a6c8e84d3ee9b9265695cfdf0ce3ce7ccac0139 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 cf-polished origSize=25050 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"ca07acfc9643befa104a07a93067f7c8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aac4a4b4e4a-FRA cf-bgj minify
GET H3	200	bubble-widget.css embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 5EF1	13 KB 3 KB	21ms 21ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/bubble-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 cf-polished origSize=13594 x-cache-status MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"ce7913b80c763449b3895d46419f7a6b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aac4a674e4a-FRA cf-bgj minify
GET H3	200	message-preview.css embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame 0149	37 KB 8 KB	28ms 28ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c441a4185403c04c6660b68f8e08dbb2c1006c6a0f792fd454216a35b73fc867 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 cf-polished origSize=37650 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"792b46302ed8c4acdf03169ba30069fc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aac6a984e4a-FRA cf-bgj minify
GET H3	200	max-widget.css embed.tawk.to/_s/v4/app/61adcafd0e1/css/ Frame A936	72 KB 14 KB	20ms 20ms	Stylesheet text/css	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/max-widget.css Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-2d0d2b7c.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89ab7fd53e99ea2991d6e35b55bc1771aab327d0e7a1ffb016a1a7c8f000cd28 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 1227213 cf-polished origSize=74104 x-cache-status HIT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Mon, 06 Dec 2021 08:35:43 GMT server cloudflare etag W/"987828ebb230aff2aaeab0ac82354266" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type text/css access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aac6aa84e4a-FRA cf-bgj minify
GET H2	200	css fonts.googleapis.com/ Frame 10F5	7 KB 887 B	48ms 48ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/min-widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://embed.tawk.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 20 Dec 2021 12:14:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 20 Dec 2021 14:14:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Dec 2021 14:14:49 GMT
GET H3	200	168-r-br.svg embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 5EF1	22 KB 6 KB	16ms 16ms	Image image/svg+xml	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 733970 x-cache-status MISS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 last-modified Sat, 22 May 2021 07:25:19 GMT server cloudflare etag W/"f66e029841759471d2ec78b86760dca7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type image/svg+xml access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=2592000, immutable cf-ray 6c097aac7aba4e4a-FRA
GET H2	200	css fonts.googleapis.com/ Frame 0149	7 KB 665 B	56ms 56ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/message-preview.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://embed.tawk.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 20 Dec 2021 12:17:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 20 Dec 2021 14:14:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Dec 2021 14:14:49 GMT
GET H2	200	css fonts.googleapis.com/ Frame A936	7 KB 665 B	64ms 64ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/css/max-widget.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://embed.tawk.to/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 20 Dec 2021 12:51:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 20 Dec 2021 14:14:49 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 20 Dec 2021 14:14:49 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v20/ Frame 10F5	23 KB 24 KB	188ms 58ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://midwesthearingagency.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 13 Dec 2021 21:26:28 GMT x-content-type-options nosniff age 578901 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23484 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:19:01 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Tue, 13 Dec 2022 21:26:28 GMT
GET H2	200	emojione.min.js Show response cdn.jsdelivr.net/emojione/2.2.7/lib/js/	295 KB 39 KB	108ms 55ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 4814878 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-fra19120-FRA timing-allow-origin * server cloudflare etag W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 6c097aad49134ec1-FRA
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	64ms 32ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=314801716297030&ev=Microdata&dl=https%3A%2F%2Fmidwesthearingagency.com%2Fbenefits-of-midwest-complete&rl=https%3A%2F%2Fwww.cfmediaview.com%2Flp1.aspx%3Fv%3D5_65908345_8155_1&if=false&ts=1640009689206&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Benefits%20of%20Midwest%20Complete%20%3A%3A%20Midwest%20Hearing%20Agency%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1640009687701.1754039465&it=1640009687600&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600 priority u=3,i expires Mon, 20 Dec 2021 14:14:49 GMT
GET H3	200	/ Show response vsb111.tawk.to/s/	77 B 391 B	144ms 144ms	XHR application/octet-stream	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsb111.tawk.to/s/?k=61c08fd83d09d3c1784addcf&cver=0&pop=false&asver=28&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTczOGVmNDg2YWVlNDBhNTczN2Y0ZmQiLCJ2aWQiOiJiNDkwNzhjZDc0ZGM0MTQ4NzQ1OGFlMjcyNTViY2VkNTk5M2IyMDEwMjhlZDRjZmI0NGM4NzNjNmI4MDQ4YzM2IiwiaWF0IjoxNjQwMDA5Njg4LCJleHAiOjE2NDAwMTE0ODgsImp0aSI6Ims5cXlvUVpzQ3RoNlVRWG1BRjU0dCJ9.vy1on_vE3PMWlmzK6WuZ1n4TDlilhSI_ID8gzpXrC5MSeauSEZfWNk1p4tdIhRbNlvSxbU2GpfrD2YMrhymlVQ&EIO=3&transport=polling&__t=NtOCUbU.0&sid=QuuJNon1F_Pk6ZdVjh1l Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5044795238157fc0a61b477eb60555e95628d2a3bdbcc8b9ba70e0da71fe3573 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:49 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://midwesthearingagency.com access-control-allow-credentials true cf-ray 6c097aaf0f9d4e4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 77
GET H3	200	/ Show response vsb111.tawk.to/s/	4 B 315 B	572ms 571ms	XHR application/octet-stream	2606:4700:10::6816:1983 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://vsb111.tawk.to/s/?k=61c08fd83d09d3c1784addcf&cver=0&pop=false&asver=28&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MTczOGVmNDg2YWVlNDBhNTczN2Y0ZmQiLCJ2aWQiOiJiNDkwNzhjZDc0ZGM0MTQ4NzQ1OGFlMjcyNTViY2VkNTk5M2IyMDEwMjhlZDRjZmI0NGM4NzNjNmI4MDQ4YzM2IiwiaWF0IjoxNjQwMDA5Njg4LCJleHAiOjE2NDAwMTE0ODgsImp0aSI6Ims5cXlvUVpzQ3RoNlVRWG1BRjU0dCJ9.vy1on_vE3PMWlmzK6WuZ1n4TDlilhSI_ID8gzpXrC5MSeauSEZfWNk1p4tdIhRbNlvSxbU2GpfrD2YMrhymlVQ&EIO=3&transport=polling&__t=NtOCUdn&sid=QuuJNon1F_Pk6ZdVjh1l Requested by Host: embed.tawk.to URL: https://embed.tawk.to/_s/v4/app/61adcafd0e1/js/twk-chunk-vendors.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474 Security Headers Name Value Strict-Transport-Security max-age=0; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://midwesthearingagency.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 20 Dec 2021 14:14:50 GMT x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=0; includeSubDomains; preload content-type application/octet-stream access-control-allow-origin https://midwesthearingagency.com access-control-allow-credentials true cf-ray 6c097aafea104e4a-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 4