urlscan.io logo urlscan.io
SecurityTrails logo

www.fandor.com Open in urlscan Pro
52.45.192.17  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Submission: On August 08 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 51 HTTP transactions. The main IP is 52.45.192.17, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.fandor.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on May 24th 2021. Valid for: a year.
This is the only time www.fandor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.45.192.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-192-17.compute-1.amazonaws.com
www.fandor.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
14    2600:9000:21f3:9800:3:d15e:7d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
v3-assets.fandor.com
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    185.94.180.127 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
js.spotx.tv
1    23.47.208.96 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-208-96.deploy.static.akamaitechnologies.com
aka.spotxcdn.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:3::720 (United States)

ASN54113 (FASTLY, US)
images.fandor.com
8    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net
static.hotjar.com
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    13.224.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-67.zrh50.r.cloudfront.net
script.hotjar.com
1    13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2606:4700::6810:4ea5 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
Domain Requested by
14 v3-assets.fandor.com www.fandor.com
8 fonts.gstatic.com fonts.googleapis.com
5 www.lightboxcdn.com www.fandor.com
www.lightboxcdn.com
5 pagead2.googlesyndication.com www.fandor.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 www.google.com tpc.googlesyndication.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.hotjar.com www.googletagmanager.com
1 images.fandor.com www.fandor.com
1 www.googletagmanager.com www.fandor.com
1 www.google-analytics.com www.fandor.com
1 aka.spotxcdn.com www.fandor.com
1 js.spotx.tv 1 redirects
1 fonts.googleapis.com www.fandor.com
1 www.fandor.com
51 22

This site contains links to these domains. Also see Links.

Domain
beta.fandor.com
facebook.com
instagram.com
twitter.com
Subject Issuer Validity Valid
*.fandor.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-24 -
2022-06-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
cdn.spotxcdn.com
GeoTrust RSA CA 2018		 2021-04-21 -
2022-04-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.camp-fire.jp
GlobalSign Atlas R3 DV TLS CA 2020		 2021-05-20 -
2022-06-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-07-12 -
2021-10-04		 3 months crt.sh
ssl1029400.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2021-07-06 -
2022-06-30		 a year crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Frame ID: 6C6D16EB6BFE92FC96C2297DBDF79D1F
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Frame ID: BDC5C6703E4F5FFCF6061225E9786B03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1467603632741187&output=html&adk=1812271804&adf=3025194257&lmt=1628389852&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fandor.com%2Fposts%2Fjack-nicholson-dreaming-of-jack&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628389852129&bpp=3&bdt=538&idt=147&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=528745645313&frm=20&pv=2&ga_vid=813344632.1628389852&ga_sid=1628389852&ga_hid=1445199991&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062172&oid=3&pvsid=3702591525903590&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Frame ID: D6C77BA1DB1EF8177796FFAC4BE79B39
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: D7E5829CB482E4E7B3446A6F1A4E9B77
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3307AB815721B5D0D46AFEA315E00517
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AAC33ABBF9DF11619F838C68D4662DAC
Requests: 1 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/lightbox.js?mb=1628389853386&lv=1
Frame ID: 95F80B3FF9F0890201FA8B3AFA6B9797
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /lightbox.*\.js/i

Page Statistics

51
Requests

100 %
HTTPS

62 %
IPv6

16
Domains

22
Subdomains

20
IPs

4
Countries

1891 kB
Transfer

5349 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://js.spotx.tv/directsdk/v1/210251.js HTTP 307
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jack-nicholson-dreaming-of-jack
www.fandor.com/posts/ 		37 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.45.192.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-192-17.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
d0003fef500f0ac8919e0df663b1bb36047f7fde119daa617bcb8e97c3d4b4aa

Request headers

Host
www.fandor.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Methods
GET
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 08 Aug 2021 02:30:51 GMT
Server
nginx/1.13.8
Vary
Accept-Encoding
transfer-encoding
chunked
css
fonts.googleapis.com/ 		23 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b792a8b9d97a4a76bb958e04ef6ea89bcbd361d368680e857a54c4674b1a97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 02:30:51 GMT
server
ESF
date
Sun, 08 Aug 2021 02:30:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Aug 2021 02:30:51 GMT
app.min.0c6e5253.css
v3-assets.fandor.com/public/ 		103 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3-assets.fandor.com/public/app.min.0c6e5253.css
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2d454a4fa69436d3e05045ee210bc9124c47cdaabbfe7cc41d604ec819f442e

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 14:03:15 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
44856
etag
W/"b31a165fe5eda79cee0e9807addec33b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
WV4-395KfKOfo7_zVZkTiApvhao2CIEvjXw9v-h-nB3jQ7fSu5mbdg==
expires
Wed, 08 Oct 51400 06:32:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		137 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49445
x-xss-protection
0
server
cafe
etag
12364812339251644168
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 02:30:52 GMT
directsdk.js
aka.spotxcdn.com/integration/directsdk/v1/
Redirect Chain
  • https://js.spotx.tv/directsdk/v1/210251.js
  • https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
521 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.47.208.96 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-208-96.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
70af40e7464e3e72e59f9bd786732aba8abf20c7a8cb62192a168de617c069b0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:30:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 22:39:21 UTC
Server
nginx
Access-Control-Allow-Headers
ETag
28d1d4acae1660399ce826f0d9e53ce6
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=134
Connection
keep-alive
Timing-Allow-Origin
*
X-SpotX-Build-Version
1.46.0-20210520.2223
Content-Length
204336

Redirect headers

Pragma
no-cache
Date
Sun, 08 Aug 2021 02:30:51 GMT
Last-Modified
Sun, 08 Aug 2021 02:30:51 UTC
Server
nginx
Location
//aka.spotxcdn.com/integration/directsdk/v1/directsdk.js
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
post-check=0, pre-check=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
15
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
search_x.eea7e73d.svg
v3-assets.fandor.com/public/ 		1 KB
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/search_x.eea7e73d.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaf67232b459c166856907572052b10633b584f32b7605ef6ea9d502956f5d29

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 23:15:44 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
530107
etag
W/"eea7e73d892920b11af2234e96509b0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
sbSeftFOpplJHvBCyeMIGNi-b9DuNoagX1aWXF4BuZ_RW-H-3yMCdw==
expires
Wed, 08 Oct 51400 06:32:55 GMT
search_icon.cd5d0ce0.svg
v3-assets.fandor.com/public/ 		745 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/search_icon.cd5d0ce0.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6179c1561e01754b3688e688c13022e844163df3bb905378c32cfcd788e48799

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 01 Aug 2021 23:15:45 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
530107
etag
"cd5d0ce0a4b64212b4d2b0eae54be95f"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
745
x-amz-cf-id
wPOwtisfFaPyUtrIUOkOrayAMx0WggEEWNZ1BSDHyKkCuKV8kZz_eQ==
expires
Wed, 08 Oct 51400 06:32:55 GMT
hamburger-icon.de69da8e.png
v3-assets.fandor.com/public/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/hamburger-icon.de69da8e.png
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03613c84da9f93d34b6244e2fd0361bbca11ce84e6cbf0174c55dfbd9291db1d

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 14:03:18 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
44854
etag
"de69da8e1ad65b820cf56aae01690d06"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
1165
x-amz-cf-id
BZh5gsx36F2WNg0bzS0PQcAw-NgU6ZBVmsHMvK0IVM8BhRYiDHJbiQ==
expires
Wed, 08 Oct 51400 06:32:55 GMT
fandor_movie_lovers.082167c8.png
v3-assets.fandor.com/public/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/fandor_movie_lovers.082167c8.png
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
220715a9516e63d9fea633a933085c861705a1586909c4a9ea20e28c54f3797d

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 02 Aug 2021 03:24:51 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
515161
etag
"082167c8ded52b50cb38e516716798a5"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
6633
x-amz-cf-id
2dkyr8VcfgLPdy7YHg_E0FoIhT5iZdRP0HAd4a_mmiZU3WcLZ7b3hw==
expires
Wed, 08 Oct 51400 06:32:55 GMT
down_arrow.a7e54ef0.png
v3-assets.fandor.com/public/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/down_arrow.a7e54ef0.png
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91c1ab20db3ca4eb5efef3b2f1e4806c8bf3041b4feb96deccf7d8347b841855

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 03:29:00 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
82911
etag
"a7e54ef03bb0a2723cc01db61aefbf59"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
4355
x-amz-cf-id
n-R8KpdJv4NCQd3uwj8y1xJxyQrG0nnxFLNOTmXhhz0Lsj1n9ls3-g==
expires
Wed, 08 Oct 51400 06:32:55 GMT
fandor_colophon.d7c90862.svg
v3-assets.fandor.com/public/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/fandor_colophon.d7c90862.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e11085c405904d2f0387808135427a840bac7de87e4c8f9c94da7107889f598

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 15:07:55 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
127377
etag
W/"d7c90862ab6b4cd37616f964d972b431"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tDSUft6ze_LYqN-Z-2bILkgY6VkxwBwKlJlJ1BifZA359-YrahnEuw==
expires
Wed, 08 Oct 51400 06:32:55 GMT
fandor_logo@2x.75984dbd.png
v3-assets.fandor.com/public/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/fandor_logo@2x.75984dbd.png
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de5eb65e2e22d3069cc841fcb99e7a9058f6d227e0538f90bcba3958d15d5a39

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:36:48 GMT
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
122044
etag
"75984dbda14539ca1d98b4d13b332f50"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
5355
x-amz-cf-id
JPKo5EKPNc-XIkom_vYsoKtRBR5MkSQzKiLgONEZMvhUb1cn99iryw==
expires
Wed, 08 Oct 51400 06:32:55 GMT
facebook-icon-white.eb75df6a.svg
v3-assets.fandor.com/public/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/facebook-icon-white.eb75df6a.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5878722b62cc0bc532c856141e3eebd4eb5c381ece526056da46f83fcc734c21

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 03:29:00 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
82911
etag
W/"eb75df6a84cc17cef798efa684721ed8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ucYBHZwtLe_c5JxE5FnPlL-7hweQBnSGxEfDF3qCIMdx-nMq4zAHWg==
expires
Wed, 08 Oct 51400 06:32:55 GMT
instagram-icon-white.ac4d84ec.svg
v3-assets.fandor.com/public/ 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/instagram-icon-white.ac4d84ec.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e89c837d56c3f578fc195a46c398de233c71fd89f543f2851ad16bbaf092e5e6

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 04 Aug 2021 09:15:39 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
321313
etag
W/"ac4d84ec3dc2c4901a2e2cd72b0d35a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
bRIGYS3qZerlHDzkHgw6r60HJe6DMJPtHLdASAKxfIrkJ1sAc55iGA==
expires
Wed, 08 Oct 51400 06:32:55 GMT
twitter-icon-white.da90432b.svg
v3-assets.fandor.com/public/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3-assets.fandor.com/public/twitter-icon-white.da90432b.svg
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3896fc19f960262393857a02a889f3ca92c3bdac477ab3dac0d60d8c3ef8ee15

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 15:55:37 GMT
content-encoding
gzip
last-modified
Wed, 08 May 2019 05:12:53 GMT
server
AmazonS3
age
210915
etag
W/"da90432b6a7c45d2ef39621ebc9184a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
gjGXUOnGS6ujQz-cIssXl8oRhdxfL5R4-zzRlHDYeUUn1N92ibXsVg==
expires
Wed, 08 Oct 51400 06:32:55 GMT
runtime.min.06b742a1.js
v3-assets.fandor.com/public/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3-assets.fandor.com/public/runtime.min.06b742a1.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d9970652d7561dbe41da14288c33dfbc2b5c3a2dcde8f65475cd42b19881c54

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 03:29:00 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 22:07:26 GMT
server
AmazonS3
age
82911
etag
W/"2aba1d709c95b95b0611399521eac2ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
g5CNiHcZZJ4RpbE6fDCPozun4-RjtsJKRaZ-c9gRBhCxZZYtlTYLbg==
common.min.34fec438.js
v3-assets.fandor.com/public/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://v3-assets.fandor.com/public/common.min.34fec438.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
app.min.9723fb80.js
v3-assets.fandor.com/public/ 		2 MB
507 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3-assets.fandor.com/public/app.min.9723fb80.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:9800:3:d15e:7d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1baab210ceab75ea167b17461a967f545f44e6b01822bc9e10b65cc1af159d59

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 03:29:00 GMT
content-encoding
gzip
last-modified
Thu, 20 Jun 2019 22:01:32 GMT
server
AmazonS3
age
82911
etag
W/"185c04c793bdcce943d7459bc4cca8f5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7VSRAB66G-wYM27kzcxj2NRSvvGnn8z3xw4XSYQumR2pQk6GdkOS9A==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
4630
date
Sun, 08 Aug 2021 01:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Sun, 08 Aug 2021 03:13:41 GMT
gtm.js
www.googletagmanager.com/ 		124 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5VDHNPZ
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bab694b7e1cafc7a1493be5d635a8dce834d76101109d482a4c0c81ea30422a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:51 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47105
x-xss-protection
0
last-modified
Sun, 08 Aug 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Aug 2021 02:30:51 GMT
62423.original.jpg
images.fandor.com/images/attachments/000/002/228/original/ 		466 KB
466 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.fandor.com/images/attachments/000/002/228/original/62423.original.jpg?1493145247&auto=format,compress
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c757f088e87371fcbacc9fc5578042f1419d11255bd46385d7c8aff92601d0d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 08 Aug 2021 02:11:44 GMT
server
imgix
age
1148
vary
Accept, User-Agent
x-cache
HIT, MISS
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-imgix-id
ef09a89e833cd058c0257ff43038a4ffd011be69
accept-ranges
bytes
content-length
476728
cross-origin-resource-policy
cross-origin
x-served-by
cache-sjc10044-SJC, cache-fra19151-FRA
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v39/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v39/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:05:54 GMT
x-content-type-options
nosniff
age
123897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16016
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:55:15 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:05:54 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options
nosniff
age
123844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19536
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:50:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:06:47 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:08:56 GMT
x-content-type-options
nosniff
age
123715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19824
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:51:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:08:56 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:05:55 GMT
x-content-type-options
nosniff
age
123896
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:50:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:05:55 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v17/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:06:47 GMT
x-content-type-options
nosniff
age
123844
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:50:06 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:06:47 GMT
5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v11/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/hind/v11/5aU69_a8oxmIdGl4BA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7a3280717b1f82f46bee459863720a03de43b16dc8097ba1b133440e5fe0edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 05:26:31 GMT
x-content-type-options
nosniff
age
421460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16264
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 03 Aug 2022 05:26:31 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 07:49:49 GMT
x-content-type-options
nosniff
age
240062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44876
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:37 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 05 Aug 2022 07:49:49 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v17/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v17/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,300i,700|Montserrat:300,400,500,600,700|Oswald|Playfair+Display:400,400i,700,700i,900,900i|Hind
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.fandor.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:08:54 GMT
x-content-type-options
nosniff
age
123717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Fri, 06 Aug 2021 15:51:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 16:08:54 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/ 		250 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95446
x-xss-protection
0
server
cafe
etag
390643862346785813
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 02:30:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/ Frame BDC5 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210803/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210803/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fandor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fandor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 07 Aug 2021 19:31:05 GMT
expires
Sat, 21 Aug 2021 19:31:05 GMT
content-type
text/html; charset=UTF-8
etag
8999110079160743657
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4576
x-xss-protection
0
age
25187
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hotjar-1066892.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1066892.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VDHNPZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-91.zrh50.r.cloudfront.net
Software
/
Resource Hash
78708e1924e475f123d66cd33f04c3ea9081dc35a08dcd9a141ea68aabfe16bc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:51 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
1
etag
W/f3b90b42d693c1aae10f99aeca87f4ce
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
ZRH50-C1
content-length
1890
via
1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-id
5aDxthpfXBhpR2KYaDPJgcBO_NRiCGcx9lMTKkL1zdwMUC74nx0KNw==
cookie.js
partner.googleadservices.com/gampad/ 		200 B
656 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.fandor.com&callback=_gfp_s_&client=ca-pub-1467603632741187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b640ac3f1ecdf8cf709195bcd2364f9c9e358629c215239321c4cdac5169bbce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.fandor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.fandor.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D6C7 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1467603632741187&output=html&adk=1812271804&adf=3025194257&lmt=1628389852&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fandor.com%2Fposts%2Fjack-nicholson-dreaming-of-jack&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628389852129&bpp=3&bdt=538&idt=147&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=528745645313&frm=20&pv=2&ga_vid=813344632.1628389852&ga_sid=1628389852&ga_hid=1445199991&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062172&oid=3&pvsid=3702591525903590&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1467603632741187&output=html&adk=1812271804&adf=3025194257&lmt=1628389852&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.fandor.com%2Fposts%2Fjack-nicholson-dreaming-of-jack&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1628389852129&bpp=3&bdt=538&idt=147&shv=r20210803&mjsv=m202108060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=528745645313&frm=20&pv=2&ga_vid=813344632.1628389852&ga_sid=1628389852&ga_hid=1445199991&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20211866%2C31062172&oid=3&pvsid=3702591525903590&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=168
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fandor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fandor.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 08 Aug 2021 02:30:52 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 08-Aug-2021 02:45:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 08 Aug 2021 02:30:52 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628249289658065"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28112
x-xss-protection
0
expires
Sun, 08 Aug 2021 02:30:52 GMT
modules.9a6619e61150e4449f35.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.9a6619e61150e4449f35.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1066892.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-67.zrh50.r.cloudfront.net
Software
/
Resource Hash
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 05 Aug 2021 14:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
216767
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59579
access-control-allow-origin
*
last-modified
Thu, 05 Aug 2021 14:17:07 GMT
etag
"f404c80c4e9647abd5db65360cf9ecee"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
kNb_jY5WJEYS1ceg9M6mdKkjlF3Kb3-XrK9le3PudK9w38WHqJdVFA==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame D7E5 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1066892.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-96-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fandor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fandor.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
JsoIpXb8LOtud0WvrT3GCbX4CDtMBarw0wpI4e51jUD41s2b19GkOA==
age
1822462
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210803&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edc47d3d86aed380241c9811c95dcfcc689d3dd2fbfd715cb29373e448451b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8738
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1467603632741187&plah=www.fandor.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 08 Aug 2021 02:30:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3307 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fandor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fandor.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sat, 07 Aug 2021 11:11:09 GMT
expires
Sun, 07 Aug 2022 11:11:09 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55183
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AAC3 		783 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a44ff23348f2139540fac838a42ee3d009cf411c09537bbfe2e1cb4750541a41
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wnpPgFc9RLgDCRHt3Klk5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.fandor.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.fandor.com/

Response headers

expires
Sun, 08 Aug 2021 02:30:52 GMT
date
Sun, 08 Aug 2021 02:30:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-wnpPgFc9RLgDCRHt3Klk5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
pagead2.googlesyndication.com/bg/ Frame 3307 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Y_O2WQQ68U2CiOGiM48gS2ev59GvBpIPMT_iTLKbJ0M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 07 Aug 2021 06:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
70669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 26 Jul 2021 08:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 07 Aug 2022 06:53:03 GMT
lightbox_inline.js
www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/lightbox_inline.js?mb=1628389852726
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a4f2dd7a48917906df2ab9e5b2557961798d65df841cbe7d3c3605f0d942fb

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 02:30:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
j0vYFGvbLuyo43c12Uo9pw==
cf-polished
origSize=2379
x-ms-lease-status
unlocked
last-modified
Tue, 18 May 2021 01:22:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
92e172cb-b01e-0130-6c98-6a49be000000
x-ms-version
2009-09-19
cf-ray
67b55343a92342f1-FRA
cf-bgj
minify
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210803&jk=3702591525903590&bg=!dnWldTHNAAals0SOpbM7ACkAdvg8WiHyrf5A_yHVbqyQFq8I1xo9WR2gvHTXD3OiloJNG9MKzgPiQwIAAABeUgAAAA1oAQcKACPagkOQZXvpg7DVflnTbVKrCNE_DpS1oKah3W_NnDQ66e-oM5kCb70QNLvKyFskTUxesEHjqqqBa1FCXLI4cT5VE085Tv05I7F_WwUi4yWMRvItWpR0cqBi8ZfZqQTUAjX-F0L-X5tZ0M_J20EmJXHgqJH9cN-ah92sIyrLPYgdMy8MEcEq0PZMGsFK-iBKbkHXGGOSgbG8T2O79Fth7QQh6K1roJjbI6S5-qTp4FNHnW6PMb5-gwEhtpVM2HbqU7kJ7WS5te5YC7SvIO1PXZGo1xaxUqj-3ysAr6VFHmbVlfLPn-aaqBxl3rFlTquJsBBcuM76sqMV5uuIDsGeujjEUIEzJP3iB8a40VFaFGLB0t2qHf4lEW_gEQMZUjxo1z3zkzjJPX6p8nRnldz-nDu2uNhFFPD2fgNxtnA0_7SZsxy1aJsnbCvnWi9jH7LkNOrH6Zy77Wtohq8GeJUqibPf6H00Ihu56u48mEG-1mjmJp4oYMinNPgTv5omrwrjK5HboI5xTG2gQJ4fKJh11KAAyaPxyRGjcAUceUvxPIp3X2ZUKBdq2GHcBeaD0cGgtNMlzhWptidNv2RvUZVhvAVjHrBChfP5u6DrJIhFhGLDrGQoEny-9XMDGl52MX4Xkk3edPeu3669JHjC5929TnqfncCfgBTsZoOW-JLgyx6UhVIYwmAYHX0O6GWSHIt1nwN6s1WSs09C_r4WG-q9Rx_FYVUmIqekuzV7xn0sQzC-Nco3tbdAwWfqWqBggQ6QvRxCUUnfS4LDT6nj7TlZSmbpy7JAEc1gmlZ4WRMhHnM8dVL_zVm1d-_a62k8m3eT7tKhOBjfz_TPjK2rEoWygAjWA0DpO42Xcc3ndMuGPOcp34U4pZXJ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Aug 2021 02:30:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lightbox.js
www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/ Frame 95F8 		326 B
289 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/lightbox.js?mb=1628389853386&lv=1
Requested by
Host: www.fandor.com
URL: https://www.fandor.com/posts/jack-nicholson-dreaming-of-jack
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8c66f4e8713d086f8f7ffd0b8cd90b3c85a41474296c9e1cdf1b9bb9a005cf76

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 08 Aug 2021 02:30:53 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
67b55347af2542f1-FRA
user.js
www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/ Frame 95F8 		633 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/user.js?cb=637611174740265865
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/lightbox.js?mb=1628389853386&lv=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f175f45e1030a5047b9e0c2074f506b7f53a06876090713238f5e7f4c75aea

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 02:30:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
7QiY+pW2Pc3qJzjbCyQlog==
age
372090
cf-polished
origSize=1082550
last-modified
Tue, 18 May 2021 01:22:15 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
47803456-001e-00c3-1ffb-71dc82000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
67b55349da6b42f1-FRA
expires
Mon, 08 Aug 2022 02:30:53 GMT
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637568977355946887
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/user.js?cb=637611174740265865
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 02:30:53 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
99476
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
db533d78-501e-0058-2f16-5e51ba000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
67b5534a3ad342f1-FRA
expires
Mon, 08 Aug 2022 02:30:53 GMT
z
lightboxapi.azurewebsites.net/z9gd/42345/www.fandor.com/jsonp/ 		538 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/42345/www.fandor.com/jsonp/z?cb=1628389853802&callback=jQuery171017041059997447383_1628389853787&_=1628389853803
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/400739cd-ea6e-4070-92f7-f158fc0d1017/user.js?cb=637611174740265865
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0d8f6c8ee8accbc92a18f89d39da13370d3d6b91a9e0ec80591f7faf5fa015d

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 08 Aug 2021 02:30:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1628389853794&h=www.fandor.com&e=p&u=42345
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.fandor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 08 Aug 2021 02:30:53 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
2266050
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
98f468b3-801e-0096-0e5e-1f37f5000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67b5534a4ae442f1-FRA
cf-bgj
imgq:85,h2pri

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| adsbygoogle string| GoogleAnalyticsObject function| ga object| dataLayer boolean| CLOSURE_NO_DEPS object| SpotX object| _0x20b4 function| _0x21f6 function| _0x111683 function| _0x40165d function| _0x50a9d8 object| _0x162491 function| webpackJsonp object| devtools object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map object| google_tag_manager undefined| _0x5569 undefined| _0x49e5 function| _0x470873 function| _0x4e30ea function| _0x2c937f undefined| _0x15c0b1 function| initMoatTracking string| google_user_agent_client_hint function| hj object| _hjSettings function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests function| lightboxjs function| lightboxlib undefined| $ undefined| jQuery object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery171017041059997447383_1628389853787 object| jQuery171017041059997447383

6 Cookies

Domain/Path Name / Value
.fandor.com/ Name: _hjFirstSeen
Value: 1
.fandor.com/ Name: _hjid
Value: a8fb07ad-475a-4bb1-b0fa-2c37818db99b
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.fandor.com/ Name: _ga
Value: GA1.2.813344632.1628389852
.fandor.com/ Name: __gads
Value: ID=fcb751c379dcce8a-22b1330395c90099:T=1628389852:RT=1628389852:S=ALNI_MbiYBpaZlj4m2qtP67i2V6EgDhyRA
.fandor.com/ Name: _gid
Value: GA1.2.1575154622.1628389852

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
aka.spotxcdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.fandor.com
js.spotx.tv
lightboxapi.azurewebsites.net
pagead2.googlesyndication.com
partner.googleadservices.com
script.hotjar.com
static.hotjar.com
tpc.googlesyndication.com
v3-assets.fandor.com
vars.hotjar.com
www.fandor.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
13.224.96.22
13.224.96.67
13.224.96.91
142.250.184.226
185.94.180.127
20.40.202.0
23.47.208.96
2600:9000:21f3:9800:3:d15e:7d80:93a1
2606:4700::6810:4ea5
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a04:4e42:3::720
52.45.192.17
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03613c84da9f93d34b6244e2fd0361bbca11ce84e6cbf0174c55dfbd9291db1d
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
1baab210ceab75ea167b17461a967f545f44e6b01822bc9e10b65cc1af159d59
1bab694b7e1cafc7a1493be5d635a8dce834d76101109d482a4c0c81ea30422a
220715a9516e63d9fea633a933085c861705a1586909c4a9ea20e28c54f3797d
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2d9970652d7561dbe41da14288c33dfbc2b5c3a2dcde8f65475cd42b19881c54
3896fc19f960262393857a02a889f3ca92c3bdac477ab3dac0d60d8c3ef8ee15
3b68bad79742705a9e7a436733a8fd2278f9923f48fc304ce9aecd97205ad642
3c5303654cc8d7ed7a303810a0b1b509e38592eec7411fcfef8e847e8140dca7
43f175f45e1030a5047b9e0c2074f506b7f53a06876090713238f5e7f4c75aea
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5878722b62cc0bc532c856141e3eebd4eb5c381ece526056da46f83fcc734c21
5e11085c405904d2f0387808135427a840bac7de87e4c8f9c94da7107889f598
61519deaa156f24ad28ae848179016c7cc741270cb7b30043c24bd30203bdaf3
6179c1561e01754b3688e688c13022e844163df3bb905378c32cfcd788e48799
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
63f3b659043af14d8288e1a2338f204b67afe7d1af06920f313fe24cb29b2743
6b792a8b9d97a4a76bb958e04ef6ea89bcbd361d368680e857a54c4674b1a97b
70af40e7464e3e72e59f9bd786732aba8abf20c7a8cb62192a168de617c069b0
76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb
78708e1924e475f123d66cd33f04c3ea9081dc35a08dcd9a141ea68aabfe16bc
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c66f4e8713d086f8f7ffd0b8cd90b3c85a41474296c9e1cdf1b9bb9a005cf76
91c1ab20db3ca4eb5efef3b2f1e4806c8bf3041b4feb96deccf7d8347b841855
a2a4f2dd7a48917906df2ab9e5b2557961798d65df841cbe7d3c3605f0d942fb
a2d454a4fa69436d3e05045ee210bc9124c47cdaabbfe7cc41d604ec819f442e
a44ff23348f2139540fac838a42ee3d009cf411c09537bbfe2e1cb4750541a41
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b640ac3f1ecdf8cf709195bcd2364f9c9e358629c215239321c4cdac5169bbce
c3518fe7d26d5247b173af463426cb2b3215abfa3848ca33d871055cc94b5be4
c757f088e87371fcbacc9fc5578042f1419d11255bd46385d7c8aff92601d0d0
d0003fef500f0ac8919e0df663b1bb36047f7fde119daa617bcb8e97c3d4b4aa
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d7a3280717b1f82f46bee459863720a03de43b16dc8097ba1b133440e5fe0edc
de5eb65e2e22d3069cc841fcb99e7a9058f6d227e0538f90bcba3958d15d5a39
e0d8f6c8ee8accbc92a18f89d39da13370d3d6b91a9e0ec80591f7faf5fa015d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e89c837d56c3f578fc195a46c398de233c71fd89f543f2851ad16bbaf092e5e6
eaf67232b459c166856907572052b10633b584f32b7605ef6ea9d502956f5d29
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
edc47d3d86aed380241c9811c95dcfcc689d3dd2fbfd715cb29373e448451b57
fc04d1fd608cedf1f0c4735145a15031f77cb7491d6234cec4ee2cd9be74937a