get-tvidler.com Open in urlscan Pro
2606:4700:3033::6815:5d1f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/nbvcdfghytre/mdsand2.html#redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189
Effective URL:
https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1...
Submission: On September 12 via api (September 12th 2022, 3:57:15 am UTC) from BE — Scanned from DE

Summary HTTP 84 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3033::6815:5d1f, located in United States and belongs to CLOUDFLARENET, US. The main domain is get-tvidler.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 3rd 2022. Valid for: a year.

This is the only time get-tvidler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2a00:1450:400... 2a00:1450:4001:810::2010	15169 (GOOGLE) (GOOGLE)
1 2	94.102.4.177 94.102.4.177	51559 (NETINTERN...) (NETINTERNET Netinternet Bilisim Teknolojileri AS)
2 2	195.88.87.101 195.88.87.101	51167 (CONTABO) (CONTABO)
1 1	181.214.242.99 181.214.242.99	61317 (ASDETUK w...) (ASDETUK www.heficed.com)
24	2606:4700:303... 2606:4700:3033::6815:5d1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	34.120.82.94 34.120.82.94	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.147.15 18.66.147.15	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.83 108.138.17.83	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:41c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	68.70.204.3 68.70.204.3	44239 (PROINITY ...) (PROINITY PROINITY)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:1b30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1a30	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:158a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
10	52.54.22.52 52.54.22.52	14618 (AMAZON-AES) (AMAZON-AES)
13	52.222.214.106 52.222.214.106	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.126 108.138.17.126	16509 (AMAZON-02) (AMAZON-02)
2	108.138.7.111 108.138.7.111	16509 (AMAZON-02) (AMAZON-02)
84	27

1 2a00:1450:4001:810::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.102.4.177 (Turkey) 1 redirects

ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR)
PTR: recvery.weboxstory.com

emanhtap.arfiandi.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.88.87.101 (Nuremberg, Germany) 2 redirects

ASN51167 (CONTABO, DE)
PTR: vmi742437.contaboserver.net

yourplay9.derkach.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 181.214.242.99 (United Arab Emirates) 1 redirects

ASN61317 (ASDETUK www.heficed.com, GB)
PTR: ohone.guyagents.com

www.thedailyyami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:4700:3033::6815:5d1f (United States)

ASN13335 (CLOUDFLARENET, US)

get-tvidler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.82.94 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 94.82.120.34.bc.googleusercontent.com

www.dsw0trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-15.fra60.r.cloudfront.net

clientcdn.pushengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-83.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:41c (United States)

ASN13335 (CLOUDFLARENET, US)

omnisrc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.70.204.3 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

survey.survicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1b30 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a30 (United States)

ASN13335 (CLOUDFLARENET, US)

wt.soundestlink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:158a (United States)

ASN13335 (CLOUDFLARENET, US)

omnisnippet1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.54.22.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-22-52.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.222.214.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-106.fra56.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-126.fra56.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-111.fra56.r.cloudfront.net

muama.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 16441 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 26550 muama.webpush.freshchat.com	634 KB
24	get-tvidler.com get-tvidler.com	700 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2119	20 KB
4	gstatic.com fonts.gstatic.com	42 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 141	243 KB
3	soundestlink.com forms.soundestlink.com — Cisco Umbrella Rank: 18674 wt.soundestlink.com — Cisco Umbrella Rank: 19840	1 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 871 script.hotjar.com — Cisco Umbrella Rank: 1152 vars.hotjar.com — Cisco Umbrella Rank: 1247	69 KB
2	omnisnippet1.com omnisnippet1.com — Cisco Umbrella Rank: 18503	43 KB
2	dsw0trk.com www.dsw0trk.com — Cisco Umbrella Rank: 772673	18 KB
2	derkach.info 2 redirects yourplay9.derkach.info	699 B
2	arfiandi.me 1 redirects emanhtap.arfiandi.me	723 B
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 706 fonts.googleapis.com — Cisco Umbrella Rank: 120	2 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 18188	25 KB
1	google.de www.google.de — Cisco Umbrella Rank: 3469	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 19	501 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3064	259 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 188	442 B
1	survicate.com survey.survicate.com — Cisco Umbrella Rank: 7216	364 B
1	omnisrc.com omnisrc.com — Cisco Umbrella Rank: 71766	15 KB
1	pushengage.com clientcdn.pushengage.com — Cisco Umbrella Rank: 18106	25 KB
1	thedailyyami.com 1 redirects www.thedailyyami.com — Cisco Umbrella Rank: 541832	683 B
84	21

	Domain	Requested by
24	get-tvidler.com	emanhtap.arfiandi.me get-tvidler.com
13	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
10	wchat.freshchat.com	get-tvidler.com wchat.freshchat.com assetscdn-wchat.freshchat.com
4	fonts.gstatic.com	get-tvidler.com
4	www.googletagmanager.com	get-tvidler.com www.googletagmanager.com
3	region1.google-analytics.com	www.googletagmanager.com
2	muama.webpush.freshchat.com	wchat.freshchat.com muama.webpush.freshchat.com
2	omnisnippet1.com	omnisrc.com
2	forms.soundestlink.com	omnisrc.com get-tvidler.com
2	www.google-analytics.com	www.googletagmanager.com get-tvidler.com
2	www.dsw0trk.com	get-tvidler.com
2	yourplay9.derkach.info	2 redirects
2	emanhtap.arfiandi.me	1 redirects storage.googleapis.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	www.google.de	get-tvidler.com
1	www.google.com	get-tvidler.com
1	vc.hotjar.io	get-tvidler.com
1	stats.g.doubleclick.net	get-tvidler.com
1	vars.hotjar.com	static.hotjar.com
1	wt.soundestlink.com	get-tvidler.com
1	script.hotjar.com	static.hotjar.com
1	survey.survicate.com	get-tvidler.com
1	omnisrc.com	get-tvidler.com
1	static.hotjar.com	get-tvidler.com
1	clientcdn.pushengage.com	get-tvidler.com
1	fonts.googleapis.com	get-tvidler.com
1	www.thedailyyami.com	1 redirects
1	storage.googleapis.com
84	28

This site contains links to these domains. Also see Links.

Domain
ekomlita.everflowclient.io

Subject Issuer	Validity	Valid
storage.googleapis.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-03` - `2023-04-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
dsw0trk.com Starfield Secure Certificate Authority - G2	`2022-05-07` - `2023-06-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.pushengage.com Amazon	`2022-02-18` - `2023-03-17`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.survicate.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-10-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-22` - `2022-11-14`	3 months	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
freshchat.com Amazon	`2022-06-28` - `2023-07-27`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Frame ID: E11AAF00442B834119C701657E024A37
Requests: 60 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 7F5F8DCC3657F75378B2900BFD8CDB8B
Requests: 1 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Frame ID: 809553672ACE814A66EB8BBAB59DC706
Requests: 21 HTTP requests in this frame

Frame: https://muama.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Frame ID: 96BC825754A3AE843031245C69218311
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vous pensez que vous vous nettoyez les oreilles correctement, mais avez-vous ce décapant pour cire d'oreille ? | Tvidler

Page URL History Show full URLs

https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
http://emanhtap.arfiandi.me/redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189 Page URL
http://emanhtap.arfiandi.me/track/c14223cRrVY631521NLkw12005CRO7626fOhe2189 HTTP 302
http://yourplay9.derkach.info/redirect/index.php?ggg=AU,UK,CA,NZ&lloo=https://www.newsonlinesales.com/ZhhH... HTTP 302
http://yourplay9.derkach.info/rd/Files/intlrdall.php?attr1=2&attr2=2189-14223&attr3=631521-12005-7626 HTTP 302
https://www.thedailyyami.com/5BMR57K/PMN8S95/?sub1=2&sub2=2189-14223&sub3=631521-12005-7626 HTTP 302
https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=af... Page URL

Detected technologies

Omnisend (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

omnisrc\.com

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PushEngage (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

clientcdn\.pushengage\.\w+/core

Page Statistics

84
Requests

98 %
HTTPS

50 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

1839 kB
Transfer

6549 kB
Size

25
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ekomlita.everflowclient.io/affiliate/signup/?q=5J473L
Title: Affiliés

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/nbvcdfghytre/mdsand2.html Page URL
http://emanhtap.arfiandi.me/redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189 Page URL
http://emanhtap.arfiandi.me/track/c14223cRrVY631521NLkw12005CRO7626fOhe2189 HTTP 302
http://yourplay9.derkach.info/redirect/index.php?ggg=AU,UK,CA,NZ&lloo=https://www.newsonlinesales.com/ZhhHMw1c4xVUR7LKeZzV7qQ7MgwISnoTXvmPYLFwWyPiZ3QjsRv1u4-F7AV1gesVo0B2cwM9WDbMikciMYOa1g~~/2/2189-14223/631521-12005-7626 HTTP 302
http://yourplay9.derkach.info/rd/Files/intlrdall.php?attr1=2&attr2=2189-14223&attr3=631521-12005-7626 HTTP 302
https://www.thedailyyami.com/5BMR57K/PMN8S95/?sub1=2&sub2=2189-14223&sub3=631521-12005-7626 HTTP 302
https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mdsand2.html
storage.googleapis.com/nbvcdfghytre/ 274 B
854 B 66ms
14ms Document
text/html 2a00:1450:4001:810::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/nbvcdfghytre/mdsand2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1514
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-length: 274
content-type: text/html
date: Mon, 12 Sep 2022 03:31:46 GMT
etag: "ac1ca4e8ee8e94cba92eb2562ae317d4"
expires: Mon, 12 Sep 2022 04:31:46 GMT
last-modified: Wed, 22 Jun 2022 16:59:40 GMT
server: UploadServer
x-goog-generation: 1655917180019685
x-goog-hash: crc32c=1MKBPA== md5=rByk6O6OlMupLrJWKuMX1A==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 274
x-guploader-uploadid: ADPycdslVtkwbi4evmgujyq9QusWapaHbVwPmqa5D1NTIyiIC9hxnBVM6HGj5DXyhZkAe4hKXqPDTqTORp6UKsgjMPN95Q

GET
H/1.1 200
OK c14223cRrVY631521NLkw12005CRO7626fOhe2189
emanhtap.arfiandi.me/redirect.php/ 253 B
370 B 237ms
56ms Document
text/html 94.102.4.177
NETINTERNET Netin...

General

Check archive.org

Show headers Download Go to

Full URL: http://emanhtap.arfiandi.me/redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/mdsand2.html
Protocol: HTTP/1.1
Server: 94.102.4.177 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS: recvery.weboxstory.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 253
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 03:59:45 GMT

GET
H2

200

Primary Request / Show response
get-tvidler.com/articles/earwax-build-ups/
Redirect Chain

http://emanhtap.arfiandi.me/track/c14223cRrVY631521NLkw12005CRO7626fOhe2189
http://yourplay9.derkach.info/redirect/index.php?ggg=AU,UK,CA,NZ&lloo=https://www.newsonlinesales.com/ZhhHMw1c4xVUR7LKeZzV7qQ7MgwISnoTXvmPYLFwWyPiZ3QjsRv1u4-F7AV1gesVo0B2cwM9WDbMikciMYOa1g~~/2/2189...
http://yourplay9.derkach.info/rd/Files/intlrdall.php?attr1=2&attr2=2189-14223&attr3=631521-12005-7626
https://www.thedailyyami.com/5BMR57K/PMN8S95/?sub1=2&sub2=2189-14223&sub3=631521-12005-7626
https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680

46 KB
12 KB

421ms
348ms

Document
text/html

2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Requested by: Host: emanhtap.arfiandi.me
URL: http://emanhtap.arfiandi.me/redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 974ce1162124ddb653a73d6b8912d6f86ab3289bfbed9b5c18248dfb9a51e885

Request headers

Referer: http://emanhtap.arfiandi.me/redirect.php/c14223cRrVY631521NLkw12005CRO7626fOhe2189
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, s-maxage=60
cf-cache-status: DYNAMIC
cf-ray: 7495b779ee7a9043-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 12 Sep 2022 03:57:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdRnAsNoMs1ZrKHRjEqVIWTbip1XJs9VT9MOGJlOGolp%2BZ%2B4BTqBUvR8g4qI7pX5bf88fTwQCwV2E3rFnbmU7flHl6zh5KyHZwL44zfjH77U7ok1arm%2BTmwKfJH809WGtNwIphxkjy050YEu%2BYk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

Redirect headers

Content-Length: 265
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 03:57:02 GMT
Location: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Server: nginx
Vary: Origin
X-Eflow-Request-Id: 681a1b43-6004-4ffd-a9e0-795646ec8789

GET
H2 200 css2
fonts.googleapis.com/ 12 KB
1 KB 60ms
24ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@300;400;500;600;700;800;900&display=swap

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dd2d90f624611c764ed94e067391c89de631aadbf418cb69271ed0b99ba952df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 02:51:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Sep 2022 03:57:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Sep 2022 03:57:02 GMT

GET
H2 200 theme.css
get-tvidler.com/css/ 241 KB
40 KB 17ms
15ms Stylesheet
text/css 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/css/theme.css?id=2b52aaf7739bc5c609ecc15ee8dff158
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c1a33aa036edee4bbd63a2c2026e2bb02c640573d8c28e86eaf93cf3b69edc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399245
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 07 Sep 2022 12:16:15 GMT
server: cloudflare
etag: W/"63188b8f-3c2a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMEXWxNmhqv7bk1MQs2kV0rAxUkclA8RkKhhqJAEVrz5ED6fvuRHSkOKOmsOYR4cZQ7VZRr4wK%2FSJIxsj15wOoJ4Brol10faH2jC2C4TrFy2ejbAImqVSZGdZHULxzrN4kA6JZQ3BS81m11MNPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: 457d6542e59a402d51cd93ced9b9cb6e
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fca9043-FRA
expires: Fri, 07 Oct 2022 13:02:57 GMT

GET
H2 200 main.css
get-tvidler.com/css/tvidler/ 67 KB
12 KB 20ms
18ms Stylesheet
text/css 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/css/tvidler/main.css?id=51de6240f353db21f96a3ea3cd3046d2
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4753ee3654144011a48c2e7cca85a827da523b3589e066fdaa41a0f36365118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2123478
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 Aug 2022 13:49:43 GMT
server: cloudflare
etag: W/"62fe4377-10a3e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhopNR3lsxAHdw1OMDsI%2FqnVMQgAEn63QsOFFOloFo2btohSll%2Ffnst7HVsifNYh2jqCHEz0golTOQOZVgzLeQAqCMnHqT6uIXIRqaY2UibZpk7QTomWnhPeSYpovT5iADNybBZzTLHwpAcgbW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: e37d1d8cc2098d4612985338190b6d8c
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fcb9043-FRA
expires: Sat, 17 Sep 2022 14:05:44 GMT

GET
H2 200 manifest.js Show response
get-tvidler.com/js/ 2 KB
2 KB 18ms
16ms Script
application/javascript 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/js/manifest.js?id=38a11759a4fedfd1824ffd1f5c6c7246
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03330fcf01fcd66bfec303801a3f2e2841192d5ef82ec50503ea8b206d7ccef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1629872
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 23 Aug 2022 10:31:36 GMT
server: cloudflare
etag: W/"6304ac88-886"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHDi8WwrICVdNuAZuDMPs7Cj13vxxnlA3llm%2F4A11%2FyuNOe5tUtMqOMF6TFEE7lAUbbNkd%2F%2Fc5bgdA%2B3xVMfz7ejgPWF9fo2%2BEmmjs9FpXcNkMTTBJkS62NRP5ixNYb8GEgM9JpWQZ3FW8FTeqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 477ecc1a2c02d4120ad9d3fd4edb5f05
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fd09043-FRA
expires: Fri, 23 Sep 2022 07:12:30 GMT

GET
H2 200 vendor.js Show response
get-tvidler.com/js/ 88 KB
32 KB 26ms
25ms Script
application/javascript 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/js/vendor.js?id=a9402286542153c0788464677ce71aa4
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149fdfa9d773b242dbae1c5d9f2794597a7693e147a5bfc562ae52f6aefb49b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 838814
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 01 Sep 2022 14:49:58 GMT
server: cloudflare
etag: W/"6310c696-15f91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p4bQiECtYm6GKUVT89WQUzaaSElhxejfcWOIiVIl8GDjoiuehsGpXJ15DdqHqxwysyGv%2BqfioFezftWx8emfJdPJ0IeLZQ0LVVhz7taCfDnPVh6m9V%2BXXkEvmm8sS%2FevnXnIYmE%2FAevXLw%2BEgY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 749ad314655235c0939dfd140984cfcd
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fd19043-FRA
expires: Sun, 02 Oct 2022 10:56:48 GMT

GET
H2 200 theme.js Show response
get-tvidler.com/js/ 1 MB
341 KB 40ms
39ms Script
application/javascript 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ed021f3a69360ca550010aac660191b2c5485d85c779ff26b1a50fe985e61fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 329271
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 08:03:46 GMT
server: cloudflare
etag: W/"6319a1e2-14daf9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZq7JuLjQnonUlMs8SBeI1%2BiLNEPvev3cFZ%2BOXFjSjMWiEAxH%2FmyVjIIXNhlBDW2BUUpxYxzvDEMQ0BTEn78SzVdzaluCHCGLKIqsoR1FwkZn%2B1Xufhhe7j49PVQctIQ%2FDrXWOXKoYHib5iKSVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: f012d2e55bf20bb9c7b6eb70babcd4c8
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fd29043-FRA
expires: Sat, 08 Oct 2022 08:29:11 GMT

GET
H3 200 alpine.js Show response
get-tvidler.com/js/ 37 KB
14 KB 18ms
18ms Script
application/javascript 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/js/alpine.js?id=465f3afd15e6dee00b919f548eb45520
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d55c1dae8668c62e9314ee042a3d23d307d849315839dc50bcb57b294a70d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 762325
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 02 Sep 2022 12:14:01 GMT
server: cloudflare
etag: W/"6311f389-9368"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90GU2WtHjIaSMauO8iWQMPCM5YRRo9vOemToXuaKCyvC57UfZM%2FjIP1CyDYAhDHYC5DY0ngvaa1pM2FvtFgf%2BmnLgK41Vmca7Y5mXiaobrnfVM6Hl3CjguOB%2FG9LqZBIbOdRD7x1wcqKwLLkpVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-cloud-trace-context: 8e914076a6ce5231a4938a8deae21f2b
cache-control: public, max-age=2592000
cf-ray: 7495b77c9d2dbbd7-FRA
expires: Mon, 03 Oct 2022 08:11:37 GMT

GET
H2 200 global.css
get-tvidler.com/css/legacy/instant-translator/speak-43-languages/ 37 KB
8 KB 13ms
12ms Stylesheet
text/css 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://get-tvidler.com/css/legacy/instant-translator/speak-43-languages/global.css?id=3a7890eb2b33da8d0ea6715c677c74f2
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1b6f8c62edfe328b967ff88db407a85f1784904171cdb2072d3f983eb427a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229760
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 08 Sep 2022 12:46:46 GMT
server: cloudflare
etag: W/"6319e436-94b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wDscJMA0DyvARBMOflLyFn%2Bi61fKI3sWcyuUTD4tgJ2tl8BDVa6Sc1UOj7CftVn1NffAKzz1ChRGgX%2BBniq0yEX2ZaQfxr6UQf8EY1wEcRLl0r5yy5iLFkKvAuh%2F%2BnffpYNhuw2XS66Obg3prI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-cloud-trace-context: cfa572c9b80339955fc92aabe49d8dd3
cache-control: public, max-age=2592000
cf-ray: 7495b77c2fce9043-FRA
expires: Sun, 09 Oct 2022 12:07:42 GMT

GET
H2 200 everflow.js Show response
www.dsw0trk.com/scripts/sdk/ 58 KB
18 KB 227ms
120ms Script
text/javascript 34.120.82.94
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dsw0trk.com/scripts/sdk/everflow.js
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.82.94 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 94.82.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: aca87b8d10db03da6cd4eefe9e83d20f26ee437258f2c1e601dcf26c29d610c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: text/javascript
content-encoding: gzip
cache-control: max-age=14400
x-eflow-request-id: 09b0fdff-c801-4b33-8eb6-0beaf57f2656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 58ms
23ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136786017-1&l=gaLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

423a9de7962023e332f18ade31ea9abd9e9372eb1e192c39f8c5c39bad9538c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43046
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:57:02 GMT

GET
H3 200 de.svg
get-tvidler.com/theme/images/flags-svg/countries/ 160 B
711 B 13ms
13ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/flags-svg/countries/de.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a4fa7f09552fdb73936549ee0e77c22f16594dd1a370245ce34132e6bb483d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1701982
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 18 Jun 2021 14:25:14 GMT
server: cloudflare
etag: W/"60ccacca-a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRbr1MYo506Fe%2FlexZR%2ByUJMQ8VuL7%2BlAupxfIOJkYp5OK%2Bvg%2FzvKjb5Zimqpjw%2FXQWKHWQ61%2BaTb%2F3OG7R4EwZO%2BdJhGRMgXcdQVaEngw7taE%2BfOCDnHC8%2FLfuhuZVNXXK7VDa%2FSGS4DOoCnfM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 0c376c10ee1f24801349665cfadfd231
cache-control: public, max-age=2592000
cf-ray: 7495b77d9dfdbbd7-FRA
expires: Thu, 22 Sep 2022 11:10:40 GMT

GET
H3 200 logo-tvidler-white.svg
get-tvidler.com/theme/tvidler/product/images/ 2 KB
2 KB 13ms
12ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/product/images/logo-tvidler-white.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e04001bd58f68c5801a07496601fb9bc6e89c1f66700e8734593261b87e7819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1793620
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 18 May 2021 12:25:36 GMT
server: cloudflare
etag: W/"60a3b240-9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPPfbr0hRMsqq3Ot3IqZrGfbMEmXAW65UerPbhWKcqk33AFhyLAmpjF9dNxtBmHaoSDHwV6V6M96a17ETN70d9tWrcbHsjwnFobN0TY4Ey7vBJR6J%2Fnp6unYgI%2F4S3kg4R4gWPCsSYO9%2FLTDt5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 2ef3e872fdb9b9e3cd580b1f4e6c23bf
cache-control: public, max-age=2592000
cf-ray: 7495b77dae00bbd7-FRA
expires: Wed, 21 Sep 2022 09:43:22 GMT

GET
H3 200 klarna.svg
get-tvidler.com/theme/images/klarna/light/ 1 KB
1 KB 16ms
13ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/klarna/light/klarna.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3f01bb448407979ebe5471cd635455e74427aad544043bcaf952433aa38f9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1701982
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 08:12:25 GMT
server: cloudflare
etag: W/"60014e69-5a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pkoG9gN5vV0Z2P0CBj2czhRsj%2F%2B2L7Ss9mG8%2F2kerOTlKMU9enmf9FoAK%2FHZA0x0hR%2BuroEmJuSoRfgsSKhKYAg%2FpPOxlMxTMslZffhyhoC4F89SR61AuOvlEebieU687GPOjgFq%2F4CSYZ4e%2FZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 99b1b51dbeff1fb85a79bd370b766c0e
cache-control: public, max-age=2592000
cf-ray: 7495b77dae03bbd7-FRA
expires: Thu, 22 Sep 2022 11:10:40 GMT

GET
H3 200 rating-stars.png
get-tvidler.com/theme/huusk/articles/ 754 B
1 KB 15ms
12ms Image
image/png 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/huusk/articles/rating-stars.png
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99ceb4411d3aada212b8e8170d6b8bf3d9b70f693d510efb755de658cb48e293

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171500
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 754
last-modified: Mon, 05 Sep 2022 06:49:27 GMT
server: cloudflare
etag: "63159bf7-2f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uma%2BC0pwOdNHMoJY%2F74LL1eKW4jmfeO9%2BLIi9A3JwKRxvTMD%2FPkg8xXllsHcQmgfXx6RJus7vQJHveJ0aBnl3rN%2BRR%2Ba2NS7ttk5W7hAC5%2F11wPAQ8D%2Fw0DjHTmJIcY4Sb4kOrI8mKBv%2B0ICZzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: a4da9be1bd720ffda63120135564d599
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7495b77dae06bbd7-FRA
expires: Mon, 10 Oct 2022 04:18:42 GMT

GET
H3 200 image-1.jpeg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 51 KB
52 KB 47ms
44ms Image
image/jpeg 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/image-1.jpeg?1
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a8a28690bc409523b4a70f9333494169b45e9c6ad45d8243ef11ca6408c3fc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52267
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: "63159bfa-cc2b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1lQvBW1DoNTaGvGqRgy6c9Rl2JwlMTeh8Kcg1Ye5xTtcNjhGUFZqZJXuLA2l0WlYhYhKCJdk%2FqzoacRa7%2FJtCsRZTwpOYGKIVwLm1dEorR%2B4GHFkQBh50GmOYhWQ5%2FPRFnkqRzkVzPyKZhxQN20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-cloud-trace-context: 5db32639e45f3e8f8c2978af9d8cf097
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7495b77dae07bbd7-FRA

GET
H3 200 image-2.jpeg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 35 KB
36 KB 35ms
32ms Image
image/jpeg 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/image-2.jpeg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa68455a609539f676087d0eb86ad6b7955444d3dd901280bb4c4f42be7b95fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36315
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: "63159bfa-8ddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stgt4%2B5yvbZDTe4POLhGVw3hu9nMkukUyBczg%2F9mrR75ghYA454tYJFX3GKJUDXJX8DNg2FmQyM687PhFOYihw35d8PZm3SfpRqU9r2MI1zvDfRwo7nb3lbIRXhleg2EE%2FHmqeUey101XIu80LU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-cloud-trace-context: 87fe868aa27154a965023707468a5530
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7495b77dae08bbd7-FRA

GET
H3 200 image-3.jpeg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 23 KB
23 KB 41ms
38ms Image
image/jpeg 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/image-3.jpeg?1
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ca693367bd3ba14336e9a60766c9bf46404a8dc317a78536b8292b70d99511

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23175
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: "63159bfa-5a87"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGKi%2BvS%2BTKw3G%2Fjsdzf%2FgXKtb3jfTUGinuO%2BeLzWOWlhp5b0417RL1DtbjX9lwAH7yoKLBeMctjJA97%2FI6XW65HYAjOJjCDK26ne%2Bp1HmMAtHXV2l9Fbcg5PlLYwKcGrQ9S752Yrj3LJ1MP24oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-cloud-trace-context: 0bcfbd90f11df7d98d6ebcee0eb48390
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7495b77dae09bbd7-FRA

GET
H3 200 image-4.jpeg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 43 KB
44 KB 50ms
47ms Image
image/jpeg 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/image-4.jpeg?1
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3440320553f6753fdf3c478d1ebe9f506a976959ac3f73de90837cebb6a8ff96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44439
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: "63159bfa-ad97"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJGpgKHE0B8OHvXfCfgNLkJhd68eN5%2Fei9dGINT7E6dgICoeYFzQFmxFfXGN%2BeIMNj2%2Ff9S9Oi4uCyIFTf72TJlPXH0X%2B4k%2F2ige%2FfmHJSqkgu2DPLBZKLHtSXVSkfs3C9b2Ec2e9q%2Bp6wAZTw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-cloud-trace-context: 23c98aad37ff3a1448abbc29990e2a58
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7495b77dae0abbd7-FRA

GET
H3 200 steps-grouped.svg
get-tvidler.com/theme/images/klarna/light/ 9 KB
4 KB 16ms
14ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/klarna/light/steps-grouped.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e90fe5d4bc6bc3e996657e88f993ab7b70064235be1b9ff0beaca6685cf6a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2299606
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 08:12:25 GMT
server: cloudflare
etag: W/"60014e69-23bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTJEgPbDxIFQqO1svcGEFd7%2FuyYVZNm7LlTlbW1sfVzofXM7skGN%2ByYVvZSp%2BxkpLCZfixCKNVNH0v%2BMlTJjXLBrGLwYMxfY9beliYYaKCMcxE91vpTqt3kDXnTPZEE7C7sx1SQ82nySm4sc%2B50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 18d9c4850f4818e3ce37a412ef3a7aca
cache-control: public, max-age=2592000
cf-ray: 7495b77dae0bbbd7-FRA
expires: Thu, 15 Sep 2022 13:10:16 GMT

GET
H3 200 trustpilot.svg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 767 B
852 B 15ms
13ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/trustpilot.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a80c24b3f2e18f80ab6516d34d750bd632d4404ec26e7b694d07f24ffb8298e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171500
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: W/"63159bfa-2ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0yt8TPm0TIyEjjasT4xdfxLJFJu7lHqWsNUyg4o8K7yHF%2FRPbXMHvcGoAqCsHXFoJzSjNx%2F5S5y3ovrtnhLMQnVD%2FYReNnvPhTqpN8R%2F0fT8Wqk30KmIViOmXUqDsd%2Bp7nHuDsd3aGF7Mi1cL0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 7c081078665355b591059c1b45daea19
cache-control: public, max-age=2592000
cf-ray: 7495b77dae0cbbd7-FRA
expires: Mon, 10 Oct 2022 04:18:42 GMT

GET
H3 200 trustpilot-logo.svg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 3 KB
2 KB 17ms
14ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/trustpilot-logo.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a512c70a74bfccc6b76a8f1b10cf56c71dde8edc98e04c0d0ca6d76269737c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171500
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: W/"63159bfa-cf1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nFASbK%2B1ZYy6ydT4IMH4%2Bu57Baj9TfmR%2FABqjEliAmEo71JAV%2FfFtmRQ4xrUA5GKgCy4qWtwU9JBj21X8YzSTxwBkWAquaVg9EHlBM0necCfXQPkn2w5gsPjA4P%2Fl84pnMZR0bzCoJeZ3269B%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 104daadd9bd7706bba95490787375807
cache-control: public, max-age=2592000
cf-ray: 7495b77dae0dbbd7-FRA
expires: Mon, 10 Oct 2022 04:18:42 GMT

GET
H3 200 tvidler-ce-logo.png
get-tvidler.com/theme/tvidler/product/images/ 5 KB
6 KB 16ms
14ms Image
image/png 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/product/images/tvidler-ce-logo.png
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3003407c5fbfb4661bf32b0ca682779ddb4ea0095202ebf565ee4725eac0b1bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1435451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5110
last-modified: Wed, 23 Mar 2022 09:01:23 GMT
server: cloudflare
etag: "623ae1e3-13f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7er6rFd9dMXXiWbvsXdZw9CeMAb5056To9Fhc9CTqUk4APovV2V8irJszZYSTiu2nwn%2BQ0LQP68om%2Feb0ewBVU51pTIgyj%2B96GZVu7yj9qnkU09AqoVD7lj7Dk9GABT7q3Z08LS3F8ABnNuums%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-cloud-trace-context: 122f67df7599489c427c2afae26868bd
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7495b77dae0ebbd7-FRA
expires: Sun, 25 Sep 2022 13:12:51 GMT

GET
H2 200 e0b1b467-0215-449a-8a34-1e08ad6f2d80.js Show response
clientcdn.pushengage.com/core/ 114 KB
25 KB 60ms
8ms Script
application/javascript 18.66.147.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://clientcdn.pushengage.com/core/e0b1b467-0215-449a-8a34-1e08ad6f2d80.js
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-15.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 3916cf5b038c981931541676df276e0fa09cde970146605114909d6fd214ffbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:56:23 GMT
content-encoding: gzip
server: nginx
age: 40
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=120
x-amz-cf-pop: FRA60-P4
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Y4cZ9DTucYlYCMPqUVKOfP5b3I_i0n9WfylONoZfadWqwfVzAtNHlg==
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)

GET
H2 200 hotjar-2707620.js Show response
static.hotjar.com/c/ 4 KB
3 KB 59ms
8ms Script
application/javascript 108.138.17.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2707620.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.17.83 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-17-83.fra56.r.cloudfront.net

Software

Resource Hash

e0bed9fb7257105c361e66cc337e12a01257c4a33f24dbed893846d90304f5f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
age: 40
x-cache: Hit from cloudfront
date: Mon, 12 Sep 2022 03:56:48 GMT
cross-origin-resource-policy: cross-origin
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cache-control: max-age=60
etag: W/d779e7591df2d61cddc61fc18dc079c1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: kKyhEXnCmFalPV7Ht77s0wbUfLYWX13kjvE3jDdgRVY-kmStcsI1YQ==

GET
H3 200 klarna.svg
get-tvidler.com/theme/images/klarna/ 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/klarna/klarna.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/css/theme.css?id=2b52aaf7739bc5c609ecc15ee8dff158
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9267ed951373fa4d49818d39865e13076ed5a0c0acc82986c2a18115a877d04e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/css/theme.css?id=2b52aaf7739bc5c609ecc15ee8dff158
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:02 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1789859
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 08:12:25 GMT
server: cloudflare
etag: W/"60014e69-8cb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FOpegwVIPeW9sKjb2K0DIA5JcoPbo9NLBJ0ansbEW07gFdOYLUJgQ6lsR3UmR0oEoUcAVUdTsR8EHcXHSx%2F7LNsTxG8LeFyyff5cCiIZRFexE%2BtCY%2FofPiDg4YyZwxG4NVlHEbgFBkmak7043g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 666dae7776295a8b09289f4a50f8e949
cache-control: public, max-age=2592000
cf-ray: 7495b77dbe13bbd7-FRA
expires: Wed, 21 Sep 2022 10:46:03 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 60ms
24ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3ZBw1xU1rKptJj_0jans920.woff2

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/css/legacy/instant-translator/speak-43-languages/global.css?id=3a7890eb2b33da8d0ea6715c677c74f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-tvidler.com/
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 08:47:25 GMT
x-content-type-options: nosniff
age: 414578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10352
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Sep 2023 08:47:25 GMT

GET
H2 200 k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
11 KB 50ms
15ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/k3k702ZOKiLJc3WVjuplzBampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/css/legacy/instant-translator/speak-43-languages/global.css?id=3a7890eb2b33da8d0ea6715c677c74f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-tvidler.com/
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 16:37:35 GMT
x-content-type-options: nosniff
age: 472768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10284
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Sep 2023 16:37:35 GMT

GET
H2 200 EInbV5DfGHOiMmvb1Xr-hhampu5_7CjHW5spxoeN3Vs.woff2
fonts.gstatic.com/s/opensans/v13/ 10 KB
10 KB 52ms
18ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/EInbV5DfGHOiMmvb1Xr-hhampu5_7CjHW5spxoeN3Vs.woff2

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/css/legacy/instant-translator/speak-43-languages/global.css?id=3a7890eb2b33da8d0ea6715c677c74f2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22a56edbb665c2f3f7a3362261db9afcf79da95fa471c4da36a8f84b74f19caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-tvidler.com/
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Fri, 09 Sep 2022 08:11:01 GMT
x-content-type-options: nosniff
age: 243962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10436
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:05 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 09 Sep 2023 08:11:01 GMT

GET
H2 200 launcher-v2.js Show response
omnisrc.com/inshop/ 56 KB
15 KB 49ms
17ms Script
application/javascript 2606:4700::6812:41c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisrc.com/inshop/launcher-v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:41c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9534e81d5aef15710000af9f42f695104d66f74f10f94c14ab88ba9b55a413f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
age: 2205
x-envoy-upstream-service-time: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 06:45:00 GMT
server: cloudflare
etag: W/"631ae0ec-de40"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7495b77e2ccb9193-FRA
expires: Mon, 12 Sep 2022 04:20:18 GMT

GET
H2 200 web_surveys.js Show response
survey.survicate.com/workspaces/52f51878a43b947dfd014cfa0d3f7428/ 0
364 B 143ms
102ms Script
text/javascript 68.70.204.3
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.survicate.com/workspaces/52f51878a43b947dfd014cfa0d3f7428/web_surveys.js
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 68.70.204.3 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn-engine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
last-modified: Fri, 09 Sep 2022 07:17:22 GMT
server: keycdn-engine
x-amz-request-id: XDDK9GS10FJW8VJR
x-edge-location: defr
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: EXPIRED
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=30
content-length: 0
accept-ranges: bytes
x-amz-version-id: o_wTgxviSzJ1hZ6lD5gFA.voaao_JVDf
x-amz-id-2: Vm+Vkc2ma0QqomKIrxk8Dn5XJ3rn9JWHgxwobrhRtPFklwmpRAHWedv5EvjCwuWLOofWhjHax5U=

GET
H3 200 image-5.jpg
get-tvidler.com/theme/tvidler/articles/earwax-build-ups/ 64 KB
65 KB 13ms
13ms Image
image/jpeg 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/tvidler/articles/earwax-build-ups/image-5.jpg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d416d0adb00e7f4d9aabc28f5dc7c194ba24bdbc23f24060e641c0c0bed75cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/articles/earwax-build-ups/?l=fr&c=eur&vndr=evf&evf=1&prk=4bpx3&utm_source=aff&utm_medium=9&uid=1965&offid=18&affiliate_id=9&subid=4792a5b9e0074a5ca34c68148c420691&subid2=2680
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171501
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66027
last-modified: Mon, 05 Sep 2022 06:49:30 GMT
server: cloudflare
etag: "63159bfa-101eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2K2ej477UtMlIUKuTUvBvd4WvNBY5b6VXTZaUWyaYk1ZEkJ%2Fb9PfICGKgcwHilUyn9Lit4YkNHmNWdkadlns8kN3D9qWmbcntdKgGGYOYUbgGYtshYwhbIwBAmY9xgaTUN7tBctab91ZBt5Fl0g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-cloud-trace-context: 869854f8ad06e07bf9cf5fa9f1817e75
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7495b77dfe7dbbd7-FRA
expires: Mon, 10 Oct 2022 04:18:42 GMT

GET
H3 200 phone.svg
get-tvidler.com/theme/images/footer/ 1 KB
1 KB 14ms
13ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/footer/phone.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/css/tvidler/main.css?id=51de6240f353db21f96a3ea3cd3046d2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 735dc9f7bde59298b70840c9410167c382eb393a88410f5041f65321e8128468

Request headers

Referer: https://get-tvidler.com/css/tvidler/main.css?id=51de6240f353db21f96a3ea3cd3046d2
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1793620
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 15 Jan 2021 08:12:25 GMT
server: cloudflare
etag: W/"60014e69-487"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih3of%2F51PcuH8HUra1%2B4vu5NQHoHZIN8NKPRpfh0SIUYJvMYHTxTcHpSPbPsOqdjIgwATGjwcYYaOMqFqdIS6IkFA3U3WYCgvOk8e1xKuzH1JGmpnGCXIC9Fbm3RHDadcAWJLDdTP8blrcUNrkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 23d623d4ae1da84db4feda47f575d3a5
cache-control: public, max-age=2592000
cf-ray: 7495b77e0e80bbd7-FRA
expires: Wed, 21 Sep 2022 09:43:23 GMT

GET
H3 200 emails.svg
get-tvidler.com/theme/images/footer/ 846 B
1 KB 14ms
14ms Image
image/svg+xml 2606:4700:3033::6815:5d1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://get-tvidler.com/theme/images/footer/emails.svg
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/css/tvidler/main.css?id=51de6240f353db21f96a3ea3cd3046d2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5d1f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42831ea0fdcc1d036f4eee1b68a4b0fa68e321d6b507e4bf515a4cefda201339

Request headers

Referer: https://get-tvidler.com/css/tvidler/main.css?id=51de6240f353db21f96a3ea3cd3046d2
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 245336
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 05 Sep 2022 06:49:28 GMT
server: cloudflare
etag: W/"63159bf8-34e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4UBMSZKJ1LM5bYMx1vYUGLf%2FX42gGWpQ9iGO0ETpPe07Ackkhm%2FF1FUOlgLa%2BOLQR%2Bq%2F0olaYCME1bKhwBisUvNM%2BabO2BaIeFlJhimfxcUJAW56XikFrZrC6WiRkiP3B3neS7r1eIRxUl8FEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-cloud-trace-context: 485dac34fa2302839c399ec2020dacd6
cache-control: public, max-age=2592000
cf-ray: 7495b77e0e81bbd7-FRA
expires: Sun, 09 Oct 2022 07:48:07 GMT

GET
H3 200 xjAJXh38I15wypJXxuGMBogp9Q8gbYrhqGlRav_IXfk.woff2
fonts.gstatic.com/s/opensans/v13/ 11 KB
11 KB 42ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/xjAJXh38I15wypJXxuGMBogp9Q8gbYrhqGlRav_IXfk.woff2

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/css/legacy/instant-translator/speak-43-languages/global.css?id=3a7890eb2b33da8d0ea6715c677c74f2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

714a7833e206f7badfb389684a5f9be4ca3460a74ae5607dcd34ca291f7dc26e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://get-tvidler.com/
Origin: https://get-tvidler.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Tue, 06 Sep 2022 23:18:42 GMT
x-content-type-options: nosniff
age: 448701
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10920
x-xss-protection: 0
last-modified: Mon, 27 Apr 2015 23:45:27 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 06 Sep 2023 23:18:42 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 57ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WX0E59ZN27&l=gaLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136786017-1&l=gaLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7bbc89d6c72cefef6a5c569161294aade5f70402218d0e656285ac3134e4235b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65038
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:57:03 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136786017-1&l=gaLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3303
date: Mon, 12 Sep 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 12 Sep 2022 05:02:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 43ms
26ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2DT0NCM1Q4&l=gaLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136786017-1&l=gaLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61f99c96999526a11b6ef4eb0151dcf51eec7b056b27a446a920af8b8d548d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65025
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:57:03 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 61ms
44ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0V56LCXTVL&l=gaLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136786017-1&l=gaLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

776c7c494c8ef798496bf11ea367f7b48d47367d34ae02ea438831d15cb290af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74786
x-xss-protection: 0
expires: Mon, 12 Sep 2022 03:57:03 GMT

GET
H2 200 modules.448392d04fd1e15c100a.js Show response
script.hotjar.com/ 251 KB
65 KB 31ms
8ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.448392d04fd1e15c100a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2707620.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Wed, 07 Sep 2022 10:58:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 406736
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65486
access-control-allow-origin: *
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
etag: "dda0289b22368ab84a40f8dab68ddb9e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 d9bcd0a29e17b9290f8c9f1617335954.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: a-aaTqtBNdaGYiTze6ENYvsS4l2YGRAQzBeMcSnrZOESunFfdEafIw==

GET
H2 200 getSettings Show response
forms.soundestlink.com/REST/inShop/v1/ 1 KB
934 B 172ms
137ms Script
application/json 2606:4700::6812:1b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/inShop/v1/getSettings?callback=_omnisend.setSettings&responseType=jsonp&shopHostname=get-tvidler.com&shopType=api&brandID=6093921e831b923973e458bc

Requested by

Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efeec6422353683e8231790855255bc3fd82795065299b3bc9777e3196f0de7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray: 7495b77eeb589b77-FRA
date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: EXPIRED
last-modified: Mon, 12 Sep 2022 03:57:03 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, s-maxage=600, public
x-envoy-upstream-service-time: 6
strict-transport-security: max-age=15552000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 event
wt.soundestlink.com/REST/webTracking/v1/ 42 B
252 B 168ms
136ms Image
image/gif 2606:4700::6812:1a30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wt.soundestlink.com/REST/webTracking/v1/event?timestamp=1662955030458&brandID=6093921e831b923973e458bc&shopType=api&shopHostname=get-tvidler.com&url=https%3A%2F%2Fget-tvidler.com%2Farticles%2Fearwax-build-ups%2F%3Fl%3Dfr%26c%3Deur%26vndr%3Devf%26evf%3D1%26prk%3D4bpx3%26utm_source%3Daff%26utm_medium%3D9%26uid%3D1965%26offid%3D18%26affiliate_id%3D9%26subid%3D4792a5b9e0074a5ca34c68148c420691%26subid2%3D2680&utmMedium=9&utmSource=aff&title=Vous%20pensez%20que%20vous%20vous%20nettoyez%20les%20oreilles%20correctement%2C%20mais%20avez-vous%20ce%20d%C3%A9capant%20pour%20cire%20d%27oreille%20%3F%20%7C%20Tvidler&anonymousID=Swh92EsZ1Fx2Et-20220912035710&sessionID=2XOPmCFKe8ffGk-20220912035710&type=pageview

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
content-type: image/gif
x-envoy-upstream-service-time: 1
cf-ray: 7495b77eeae65be1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 7F5F 2 KB
1 KB 55ms
7ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2707620.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://get-tvidler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 412796
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-cf-id: sWdPXzvJInekwIXEJkzTmyvR1PEeY_HBAkCeBzn_FYjCMYPfFx-_dA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H3 200 click Show response
www.dsw0trk.com/sdk/ 87 B
107 B 151ms
123ms Fetch
application/json 34.120.82.94
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dsw0trk.com/sdk/click?effp=3d40f8a1fe07e8b739d693eee48d0ee6&_ef_transaction_id=&oid=18&affid=9&__cc=&async=json&uid=1965&sub1=4792a5b9e0074a5ca34c68148c420691&sub2=2680&ttclid=null
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.82.94 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 94.82.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: ec2f49d701bc11e8cdf567e18162a21d88c76642e6c6094137a4e1a5d48fb45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://get-tvidler.com
access-control-allow-credentials: true
x-eflow-request-id: bcba3b0b-3eac-40db-9d84-5456f18b3b31
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 48ms
20ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1678472605&t=pageview&_s=1&dl=https%3A%2F%2Fget-tvidler.com%2Farticles%2Fearwax-build-ups%2F%3Fl%3Dfr%26c%3Deur%26vndr%3Devf%26evf%3D1%26prk%3D4bpx3%26utm_source%3Daff%26utm_medium%3D9%26uid%3D1965%26offid%3D18%26affiliate_id%3D9%26subid%3D4792a5b9e0074a5ca34c68148c420691%26subid2%3D2680&dr=http%3A%2F%2Femanhtap.arfiandi.me%2F&ul=en-us&de=UTF-8&dt=Vous%20pensez%20que%20vous%20vous%20nettoyez%20les%20oreilles%20correctement%2C%20mais%20avez-vous%20ce%20d%C3%A9capant%20pour%20cire%20d%27oreille%20%3F%20%7C%20Tvidler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1911242868&gjid=1396376717&cid=27187363.1662955031&tid=UA-136786017-1&_gid=724106059.1662955031&_r=1&gtm=2ou970&z=610195143

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://get-tvidler.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get-tvidler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
347 B 46ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WX0E59ZN27&gtm=2oe970&_p=1678472605&cid=27187363.1662955031&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662955030&sct=1&seg=0&dl=https%3A%2F%2Fget-tvidler.com%2Farticles%2Fearwax-build-ups%2F%3Fl%3Dfr%26c%3Deur%26vndr%3Devf%26evf%3D1%26prk%3D4bpx3%26utm_source%3Daff%26utm_medium%3D9%26uid%3D1965%26offid%3D18%26affiliate_id%3D9%26subid%3D4792a5b9e0074a5ca34c68148c420691%26subid2%3D2680&dr=http%3A%2F%2Femanhtap.arfiandi.me%2F&dt=Vous%20pensez%20que%20vous%20vous%20nettoyez%20les%20oreilles%20correctement%2C%20mais%20avez-vous%20ce%20d%C3%A9capant%20pour%20cire%20d%27oreille%20%3F%20%7C%20Tvidler&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WX0E59ZN27&l=gaLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get-tvidler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-2DT0NCM1Q4&gtm=2oe970&_p=1678472605&cid=27187363.1662955031&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662955030&sct=1&seg=0&dl=https%3A%2F%2Fget-tvidler.com%2Farticles%2Fearwax-build-ups%2F%3Fl%3Dfr%26c%3Deur%26vndr%3Devf%26evf%3D1%26prk%3D4bpx3%26utm_source%3Daff%26utm_medium%3D9%26uid%3D1965%26offid%3D18%26affiliate_id%3D9%26subid%3D4792a5b9e0074a5ca34c68148c420691%26subid2%3D2680&dr=http%3A%2F%2Femanhtap.arfiandi.me%2F&dt=Vous%20pensez%20que%20vous%20vous%20nettoyez%20les%20oreilles%20correctement%2C%20mais%20avez-vous%20ce%20d%C3%A9capant%20pour%20cire%20d%27oreille%20%3F%20%7C%20Tvidler&en=page_view&_fv=1&_ss=1&_ee=1&ep.0=%5Bobject%20Object%5D&ep.page=earwax-build-ups&ep.page_category=article&ep.product_page_version=&ep.upsell_index=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2DT0NCM1Q4&l=gaLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get-tvidler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 17ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0V56LCXTVL&gtm=2oe970&_p=1678472605&cid=27187363.1662955031&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662955030&sct=1&seg=0&dl=https%3A%2F%2Fget-tvidler.com%2Farticles%2Fearwax-build-ups%2F%3Fl%3Dfr%26c%3Deur%26vndr%3Devf%26evf%3D1%26prk%3D4bpx3%26utm_source%3Daff%26utm_medium%3D9%26uid%3D1965%26offid%3D18%26affiliate_id%3D9%26subid%3D4792a5b9e0074a5ca34c68148c420691%26subid2%3D2680&dr=http%3A%2F%2Femanhtap.arfiandi.me%2F&dt=Vous%20pensez%20que%20vous%20vous%20nettoyez%20les%20oreilles%20correctement%2C%20mais%20avez-vous%20ce%20d%C3%A9capant%20pour%20cire%20d%27oreille%20%3F%20%7C%20Tvidler&en=page_view&_fv=1&_ss=1&_ee=1&ep.0=%5Bobject%20Object%5D&ep.page=earwax-build-ups&ep.page_category=article&ep.product_page_version=&ep.upsell_index=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0V56LCXTVL&l=gaLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://get-tvidler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 forms.js Show response
omnisnippet1.com/inShop/ 130 KB
30 KB 44ms
18ms Script
application/javascript 2606:4700::6812:158a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/inShop/forms.js?v=2022-09-12T03

Requested by

Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:158a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83be2ab17588e78cc88faa234f052c9f4240c7df979c8bf82c53e48a3a37b967

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
age: 271
x-envoy-upstream-service-time: 3
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 06:45:00 GMT
server: cloudflare
etag: W/"631ae0ec-206e1"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7495b7815805920e-FRA
expires: Mon, 12 Sep 2022 04:52:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
442 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-136786017-1&cid=27187363.1662955031&jid=1911242868&gjid=1396376717&_gid=724106059.1662955031&_u=YEBAAUAAAAAAAC~&z=893484591

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://get-tvidler.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Sep 2022 03:57:03 GMT
content-type: text/plain
access-control-allow-origin: https://get-tvidler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 2707620 Show response
vc.hotjar.io/sessions/ 0
259 B 82ms
35ms XHR
text/plain 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2707620?s=0.25&r=0.12633162452545088
Requested by: Host: get-tvidler.com
URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: zPQYiRwVWluCZizXW6kXITQHeC66HmedDuMt4EMoKcFH9elAkxUhDw==

GET
H3 200 main.js Show response
omnisnippet1.com/forms/ 37 KB
13 KB 28ms
16ms Script
application/javascript 2606:4700::6812:158a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://omnisnippet1.com/forms/main.js?v=2022-09-12T03

Requested by

Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:158a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ab8f837908b46342ba1ef85852bf81e849941c25404822939863f2919eb6c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: HIT
age: 1805
x-envoy-upstream-service-time: 1
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 09 Sep 2022 06:45:51 GMT
server: cloudflare
etag: W/"631ae11f-95f5"
strict-transport-security: max-age=15552000
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7495b7819f01995d-FRA
expires: Mon, 12 Sep 2022 04:26:58 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 70ms
25ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136786017-1&cid=27187363.1662955031&jid=1911242868&_u=YEBAAUAAAAAAAC~&z=8532686

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 69ms
24ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-136786017-1&cid=27187363.1662955031&jid=1911242868&_u=YEBAAUAAAAAAAC~&z=8532686

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 03:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 renderedForms Show response
forms.soundestlink.com/REST/forms/v1/ 2 B
323 B 152ms
141ms Fetch
application/json 2606:4700::6812:1b30
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.soundestlink.com/REST/forms/v1/renderedForms?v=2022-09-12T03&brandID=6093921e831b923973e458bc

Requested by

Host: get-tvidler.com
URL: https://get-tvidler.com/js/theme.js?id=362037b36b34c9f9abd0d1ffb6a3cfa7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1b30 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:57:03 GMT
via: 1.1 google
vary: Accept-Encoding
cf-cache-status: MISS
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
last-modified: Mon, 12 Sep 2022 03:57:03 GMT
server: cloudflare
strict-transport-security: max-age=15552000
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=600, public
accept-ranges: bytes
cf-ray: 7495b781ea1c9013-FRA
expires: Wed, 12 Oct 2022 03:57:03 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 59 KB
19 KB 410ms
197ms Script
application/javascript 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:03 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: c4824d1e-1ab8-4292-9a57-5c567ab1a945
x-trace-id: 00-7dd526134f37737cf1faa4cb826cc573-e586e4f5e99cca04-00
served-by: 2601
last-modified: Fri, 02 Sep 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame 8095 5 KB
3 KB 205ms
101ms Document
text/html 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

fe39979438e0368dccaecc305fda1a282470f40624c13c418b12d4b9b3989598

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://get-tvidler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Mon, 12 Sep 2022 03:57:04 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Fri, 02 Sep 2022 09:32:09 GMT
served-by: 9886
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 6ee39059-d71b-4d79-af54-9b2f16f9e793
x-server: 9886
x-trace-id: 00-2a763c5745d5fc33799c9287dab3cd1f-29ff51ea60a58851-00
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/widget/css/ 8 KB
2 KB 102ms
101ms Stylesheet
text/css 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1662955031430

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:04 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 12a999cb-136c-49f1-8cce-a784db9b3854
x-trace-id: 00-638f1c7c37540cbfc8268f3c0ca771a5-32ae9af23d5d8d55-00
served-by: 6714
last-modified: Fri, 02 Sep 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 6714
Content-Type: text/css
expires: Tue, 12 Sep 2023 03:57:04 GMT

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 23 KB
4 KB 61ms
7ms Stylesheet
text/css 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:53:42 GMT
content-encoding: br
last-modified: Wed, 03 Aug 2022 12:35:24 GMT
server: AmazonS3
age: 202
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: sRl7TUPoxsOv3M9HxnE1W0oKiNoYnKFibhmpAGN0b6pPk0uoR-fHTQ==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 0
428 B 62ms
9ms Stylesheet
text/css 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:54:36 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
age: 149
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Thu, 11 Aug 2022 14:05:51 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: IYXgkvHk3rtSqWnYmXVs13KEkIUzdIcKO0oxzn2s90FssDxMHgo_Jg==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 684 KB
181 KB 62ms
10ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:55:56 GMT
content-encoding: br
last-modified: Wed, 27 Jul 2022 12:16:47 GMT
server: AmazonS3
age: 70
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: v43FTEyBXPP_S1S8EaN-Zb7Cnoq5vY_FbhiXqeM-3VwUvm4fRI-4Ug==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 5499.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 761 KB
176 KB 8ms
8ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/5499.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4aca6c85bf10a08125382f7d4cb202be8a922e5b68c3e3c6c11e27b356e98639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:55:27 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 09:32:11 GMT
server: AmazonS3
age: 98
etag: W/"5495f2feceed2951f2ae0838e8e3fca8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: WOXumnjCQMJGI6YgH5vJ6AQ6Km4j3yVGZadxrzGkXVLUCeNRnJIVjQ==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 chunk.2b56cbac0d904bae8979.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 229 KB
25 KB 8ms
7ms Stylesheet
text/css 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.2b56cbac0d904bae8979.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0202b0d86a50edb64a2cedeb100b638641af57e2f4f41a21c986bf8e51dde19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:56:06 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 09:32:11 GMT
server: AmazonS3
age: 59
etag: W/"ba9b4857dd18ee88ccb5a1641c47f9ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 29pXxpqO9D1hqVpKp-zqkczcrYPampo_OBHQa-Oy9UroFxXkgvgblw==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 fd-messaging.77edfebb206ba978c9a6.css
assetscdn-wchat.freshchat.com/static/ Frame 8095 229 KB
25 KB 8ms
7ms Stylesheet
text/css 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.77edfebb206ba978c9a6.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0202b0d86a50edb64a2cedeb100b638641af57e2f4f41a21c986bf8e51dde19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:56:17 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 09:32:14 GMT
server: AmazonS3
age: 52
etag: W/"ba9b4857dd18ee88ccb5a1641c47f9ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: KRiMF-kY9WSizobcuKurmpFgG_ES5xcjFzomtjiOWw0lr8BFsZqDOw==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 fd-messaging.daab3cab03fa1bf3ce1a.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 697 KB
124 KB 8ms
7ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.daab3cab03fa1bf3ce1a.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c0610c7f4089f5c09a03242382d9967a7682321babbd507b118e6ffcd179ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:53:59 GMT
content-encoding: br
last-modified: Fri, 02 Sep 2022 09:32:12 GMT
server: AmazonS3
age: 186
etag: W/"8ccb0a1e3ce4b39ba4ca7946e8b97dcc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: PvmaKLGb0pv8JUi9g_Yfs8ytJOeSQusIxTaGLUw6qmgPyuin7jKjbQ==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 8095 81 KB
25 KB 35ms
8ms Script
text/javascript 108.138.17.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.daab3cab03fa1bf3ce1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-126.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 454ec6b0b01f2eec4c1ae3a03271d69464aebf3360453e328b7c89533b436e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-version-id: Q.olkfElgGq.6NiP4ZJzRcvKvkZl1Gx5
content-encoding: gzip
etag: W/"0be100305c64aa833409ab19122b0cee"
last-modified: Mon, 01 Aug 2022 13:45:04 GMT
server: AmazonS3
age: 4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 12 Sep 2022 03:57:01 GMT
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: nO7FLteQNUvaUBPG4REGqleY4qCFas2EgwdMCbCczd745X-KWBbHOA==

GET
H2 200 chunk.b119e44805094a7aec07.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 5 KB
2 KB 7ms
7ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.b119e44805094a7aec07.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.daab3cab03fa1bf3ce1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:56:20 GMT
content-encoding: br
last-modified: Thu, 11 Aug 2022 14:05:50 GMT
server: AmazonS3
age: 45
etag: W/"c3f55e7ce3b1831b8a76f54950653df2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: JiCOKjlQHFPYgQ0hG4Bud1hOZVrV63ziJXVyJ7Y1lVhA1itnktM7IA==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 chunk.0dfb86980bd96fea5f35.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 11 KB
4 KB 8ms
7ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.0dfb86980bd96fea5f35.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.daab3cab03fa1bf3ce1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5154cde9d08f4a3bae96c1eac3a618bdc364d421ade88af2f1431920dd30181c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:54:30 GMT
content-encoding: br
last-modified: Tue, 23 Aug 2022 13:27:30 GMT
server: AmazonS3
age: 165
etag: W/"d8042bb19f369210cb40f52e56829484"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: XA6d3rdJ5quPUaU0s5rt0ZJ6uT91SZoQR7SaOzGPQqpweYzFBE_YQg==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/ Frame 8095 2 KB
2 KB 184ms
184ms XHR
application/json 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/config?domain=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

9caa8e8db256128ed7f5910370844246306c80812538d89e9e8ae14bb8c45bd7

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:04 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 82
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 7032e373-655e-4a77-8c45-a2638edcbb47
x-trace-id: 00-f5d817937002536523a92028bc7209b3-fc6a0d92987e8b47-00
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-store
x-server: 2601
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/widget/js/ 26 KB
8 KB 101ms
101ms Script
application/javascript 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:05 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: efe6ce90-c536-9d51-b5c4-8fd79dddae03
x-trace-id: 00-4b481345905a53b4b45f6e03dd15aa3e-8a9ffdbfb9aaba7c-01
served-by: 4082
last-modified: Fri, 02 Sep 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4082
Content-Type: application/javascript
expires: Tue, 12 Sep 2023 03:57:05 GMT

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 4 KB
5 KB 8ms
7ms Media
audio/mpeg 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 12 Sep 2022 03:53:06 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
age: 242
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Fri, 02 Sep 2022 09:32:13 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: DzjFsCV55PfSpKv0NzHxBv-G_z2dBNE65270YrPmRJja2x6DIFsdSg==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/ Frame 8095 63 B
1 KB 113ms
112ms XHR
application/json 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:05 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 88970c1d-8743-942d-9190-40345e91f7c5
x-trace-id: 00-1194048aa5ebd81c93071c7a51030c05-075a6774b2898a73-01
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-store
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/widget/css/ 1 KB
1 KB 101ms
100ms Stylesheet
text/css 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/cb.css?t=1662955032468

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://get-tvidler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:05 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 505c17e5-9c6b-4653-8b00-a6855e946072
x-trace-id: 00-6fc261fdd19ab2fb79882f48fcb21b13-7b3c2dd96c22c391-00
served-by: 2601
last-modified: Fri, 02 Sep 2022 09:32:09 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 2601
Content-Type: text/css
expires: Tue, 12 Sep 2023 03:57:05 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/ Frame 8095 90 KB
11 KB 109ms
108ms XHR
application/json 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

882554fb62715133c1f0e564804dc05f055d27f9a97e9b76da3e36ce27c4178b

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:05 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 0
x-status: HIT
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 743587c7-7e85-43ba-b266-200c943d1947
x-trace-id: 00-ebef7887cd7321cdd514995115da6def-9dcb91ccf7c1de54-00
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-store
x-server: 9886
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 chunk.f9a65611ffc789a9ce31.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 59 KB
14 KB 9ms
9ms Script
application/javascript 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.f9a65611ffc789a9ce31.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.daab3cab03fa1bf3ce1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e69c8561fbe0e90c0187d234e7d3698a48e6c1103c332148a19468e9796fead

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Sep 2022 03:52:10 GMT
content-encoding: br
last-modified: Tue, 23 Aug 2022 13:27:31 GMT
server: AmazonS3
age: 295
etag: W/"18fd80b746496308c5e8e92c1d71fe8c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 5LU4-tkDdyqMseHv3l-pSAEmbfbqmKt9sEO41vv5EDEjig4ZgPmPTA==
expires: Sat, 02 Sep 2023 09:32:09 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/user/9180650f-43d0-497b-8dc3-490202f29793/ Frame 8095 17 B
1017 B 112ms
112ms XHR
application/json 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/user/9180650f-43d0-497b-8dc3-490202f29793/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/5499.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: b23ad3d4-fc97-4b9a-af4d-9f819864122f
x-trace-id: 00-2c97077481538338b5b16b19aba074f1-52bec88632556423-00
server: fwe
Date: Mon, 12 Sep 2022 03:57:05 GMT
x-ratelimit-remaining: 2996
x-fw-ratelimiting-managed: true
cache-control: no-store
x-server: 9886
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 index.html Show response
muama.webpush.freshchat.com/ Frame 96BC 30 KB
7 KB 432ms
405ms Document
text/html 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://muama.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://get-tvidler.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 12 Sep 2022 03:57:06 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
x-amz-cf-id: PPE-Y1GNtSBog6EY0EZWIL9cz8g9kzkqF_a2tmjf5-cAkoKvxqTiWQ==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H/1.1 200
OK category Show response
wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/faq/ Frame 8095 20 KB
7 KB 112ms
111ms XHR
application/json 52.54.22.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/8f45d611-cca6-497c-b3db-a29cc93d7273/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.54.22.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-22-52.compute-1.amazonaws.com

Software

fwe /

Resource Hash

fec86dc2869c40d3089d5895b80d889450fedad096a7a0f9aad7b8685169c8af

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=8f45d611-cca6-497c-b3db-a29cc93d7273&referrer=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 03:57:05 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 10
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: d9e5ec26-4f26-49cf-97ed-4eb51192430e
x-trace-id: 00-50588064f19dde955013c5da5a9115a1-d5d75d3bd0ed6cde-00
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-store
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 663 B
1 KB 9ms
8ms Image
image/svg+xml 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:54:45 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
age: 150
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 663
last-modified: Thu, 11 Aug 2022 14:05:51 GMT
server: AmazonS3
etag: "cd452acf4efb05843ef7575e5a9de756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: nB63ulVxyy9RO3jQZxvAsWXe_bNxDrclSnp2hwFrJZ3T55GlRHaacQ==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
H2 200 freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
assetscdn-wchat.freshchat.com/static/assets/ Frame 8095 5 KB
5 KB 8ms
7ms Image
image/png 52.222.214.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat_logo.f6e2dc08072c0bf69ca4c005e561b7dc.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-106.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65844f2f98cb4ef7ee8eea8b791a403cd4c01ff6b638adfba3613738af7efeb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 03:53:46 GMT
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
age: 201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5034
last-modified: Wed, 27 Jul 2022 12:16:46 GMT
server: AmazonS3
etag: "220df3cb357233c7db4db0b168d191ba"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: cCyqUwpPDoEueEhA06VjnqQl67OlnzZtEit6FvmRvQdv7gEp04FT_w==
expires: Sat, 02 Sep 2023 09:32:09 GMT

GET
BLOB 200
OK d9af1b3e-b4cb-4164-bb49-ef48ec33b1e4
https://wchat.freshchat.com/ Frame 8095 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/d9af1b3e-b4cb-4164-bb49-ef48ec33b1e4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 fc_logo.png
muama.webpush.freshchat.com/ Frame 96BC 4 KB
4 KB 9ms
8ms Image
image/png 108.138.7.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://muama.webpush.freshchat.com/fc_logo.png
Requested by: Host: muama.webpush.freshchat.com
URL: https://muama.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-111.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://muama.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9nZXQtdHZpZGxlci5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 01:23:40 GMT
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
age: 9206
etag: "e87df9f10dcf497ae292dc234200465c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P6
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: B-UeAoV_IfZbZ5wEl6HtndRCsm8rxvjvtdLoH8WnVzYJkNEoVou-pw==

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
get-tvidler.com/	1970-01-20 05:56:02	Name: XSRF-TOKEN Value: eyJpdiI6IjY0MVhJS2M0RWNSN0xSbGVidXJrTmc9PSIsInZhbHVlIjoiblVMZy9vRUQzK1hyVi9iVEtUVE04MVE1aXFnSFFlYm4ralpZY2tuand5NDUwRER5SjZ1YitoZjMxa01YbFFMRVp5ZGt3VjI1dm9NMmxpYmxzWUlBN1VJbWZHeGF1MWRiODhScWk1QWY2dzQ4RUt0U1E4a3RkWkVHN2RwQWJlU3IiLCJtYWMiOiI3MzAzZDJlNGM5ZjRmNDY2Mzk0NzVkMzkwNmIwYjE0NDE1ZGNkY2U1NDdkNDJmZDBiNjVhYjhkODg0NjhjNjc5IiwidGFnIjoiIn0%3D
get-tvidler.com/	1970-01-20 05:56:02	Name: enence_session Value: eyJpdiI6IlhrUmNxOHlFNFVTRnBudFh6VzBObVE9PSIsInZhbHVlIjoiWWxuUWg1eHVIRW5aUnpKUXpsaCtkeXVzSy9ZT0tCeFgzcjRoSlVSVEU0WlBCYmVjK1pJZm5yVEJGNjU4SWdpSXlPeHQwTzFMTVl6MWtUeExpQkNzd3huMzE4VjdsRlc0blE2ZkcwdDZtL0FFQzJENDhEa2M5TERJTGx5aDZRZDkiLCJtYWMiOiJjOTkyNDk2NzAyOTEyNTczY2MxN2U3ZTk2MDNjNTYzNDU3ZTM1ODAyYWFiMzg2ZTQxODhmZDY4NDBmYjhiMzhhIiwidGFnIjoiIn0%3D
get-tvidler.com/	1970-01-20 05:58:47	Name: rpp Value: %7B%22params%22%3A%7B%22l%22%3A%22fr%22%2C%22c%22%3A%22eur%22%2C%22vndr%22%3A%22evf%22%2C%22evf%22%3A%221%22%2C%22prk%22%3A%224bpx3%22%2C%22utm_source%22%3A%22aff%22%2C%22utm_medium%22%3A%229%22%2C%22offid%22%3A%2218%22%2C%22affiliate_id%22%3A%229%22%2C%22subid%22%3A%224792a5b9e0074a5ca34c68148c420691%22%2C%22subid2%22%3A%222680%22%2C%22uuid%22%3A%22fb5570bf-9426-4538-bd7a-f803bcd16469%22%2C%22srv%22%3A%221%22%2C%22pmt%22%3A%22kl%22%2C%22hj%22%3A%221%22%2C%22_%22%3A%222717%2C2482%2C2624%22%7D%7D
get-tvidler.com/	1970-01-20 06:39:07	Name: apple_pay_supported Value: 0
.get-tvidler.com/	1969-12-31 23:59:59	Name: soundestID Value: 20220912035710-yMsWVxVTruz8iF85Mr4XkHwG4EKbjSUfurqappRhZy6lZVxTC
.get-tvidler.com/	1970-01-20 14:41:31	Name: omnisendAnonymousID Value: Swh92EsZ1Fx2Et-20220912035710
.get-tvidler.com/	1970-01-20 05:55:56	Name: omnisendSessionID Value: 2XOPmCFKe8ffGk-20220912035710
.get-tvidler.com/	1970-01-20 05:57:21	Name: _gid Value: GA1.2.724106059.1662955031
.get-tvidler.com/	1970-01-20 05:55:55	Name: _gat_gtag_UA_136786017_1 Value: 1
.get-tvidler.com/	1970-01-20 15:31:55	Name: _ga_WX0E59ZN27 Value: GS1.1.1662955030.1.0.1662955030.0.0.0
.get-tvidler.com/	1970-01-20 15:31:55	Name: _ga Value: GA1.1.27187363.1662955031
.get-tvidler.com/	1970-01-20 15:31:55	Name: _ga_2DT0NCM1Q4 Value: GS1.1.1662955030.1.0.1662955030.0.0.0
.get-tvidler.com/	1970-01-20 15:31:55	Name: _ga_0V56LCXTVL Value: GS1.1.1662955030.1.0.1662955030.0.0.0
.get-tvidler.com/	1970-01-20 14:41:31	Name: _hjSessionUser_2707620 Value: eyJpZCI6IjIyOGM5MzA2LWE1NmMtNWZjZC04NmRlLTk3NzU1ZjYwYzMwYyIsImNyZWF0ZWQiOjE2NjI5NTUwMzA3MjgsImV4aXN0aW5nIjpmYWxzZX0=
.get-tvidler.com/	1970-01-20 05:55:56	Name: _hjFirstSeen Value: 1
get-tvidler.com/	1970-01-20 05:55:55	Name: _hjIncludedInSessionSample Value: 0
.get-tvidler.com/	1970-01-20 05:55:56	Name: _hjSession_2707620 Value: eyJpZCI6IjlhMTBmM2FiLTM4NTAtNGMwYi1iNTEzLTAzZTdhYWJjMWU4NSIsImNyZWF0ZWQiOjE2NjI5NTUwMzA4NTksImluU2FtcGxlIjpmYWxzZX0=
.get-tvidler.com/	1970-01-20 05:55:56	Name: _hjAbsoluteSessionInProgress Value: 1
.get-tvidler.com/	1969-12-31 23:59:59	Name: soundest-views Value: 1
www.dsw0trk.com/	1970-01-20 05:58:47	Name: uniqueClick Value: 123fdab4-7652-41ff-8814-81691f337e44:1662955023
www.dsw0trk.com/	1970-01-20 08:05:31	Name: transaction_id Value: 1e5e1becb9794301b5f246c7950b264e
get-tvidler.com/	1970-01-20 06:39:07	Name: ef_tid_c_o_18 Value: 1e5e1becb9794301b5f246c7950b264e
get-tvidler.com/	1970-01-20 06:39:07	Name: ef_tid_c_a_10 Value: 1e5e1becb9794301b5f246c7950b264e
get-tvidler.com/	1970-01-20 05:58:47	Name: transaction_id Value: 1e5e1becb9794301b5f246c7950b264e
.get-tvidler.com/	1970-01-20 14:41:31	Name: _fw_crm_v Value: 8e285ee7-7f61-4026-e75a-259f7edea676

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assetscdn-wchat.freshchat.com
clientcdn.pushengage.com
emanhtap.arfiandi.me
fonts.googleapis.com
fonts.gstatic.com
forms.soundestlink.com
get-tvidler.com
muama.webpush.freshchat.com
omnisnippet1.com
omnisrc.com
region1.google-analytics.com
rts-static-prod.freshworksapi.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
survey.survicate.com
vars.hotjar.com
vc.hotjar.io
wchat.freshchat.com
wt.soundestlink.com
www.dsw0trk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.thedailyyami.com
yourplay9.derkach.info
108.138.17.126
108.138.17.83
108.138.7.111
18.66.112.15
18.66.147.15
18.66.147.62
181.214.242.99
195.88.87.101
2001:4860:4802:32::36
2606:4700:3033::6815:5d1f
2606:4700::6812:158a
2606:4700::6812:1a30
2606:4700::6812:1b30
2606:4700::6812:41c
2a00:1450:4001:803::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2010
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:400c:c0c::9d
34.120.82.94
52.222.214.106
52.222.236.43
52.54.22.52
68.70.204.3
94.102.4.177
0202b0d86a50edb64a2cedeb100b638641af57e2f4f41a21c986bf8e51dde19a
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
03330fcf01fcd66bfec303801a3f2e2841192d5ef82ec50503ea8b206d7ccef4
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0c1a33aa036edee4bbd63a2c2026e2bb02c640573d8c28e86eaf93cf3b69edc0
0e69c8561fbe0e90c0187d234e7d3698a48e6c1103c332148a19468e9796fead
149fdfa9d773b242dbae1c5d9f2794597a7693e147a5bfc562ae52f6aefb49b8
1d55c1dae8668c62e9314ee042a3d23d307d849315839dc50bcb57b294a70d2d
1e90fe5d4bc6bc3e996657e88f993ab7b70064235be1b9ff0beaca6685cf6a70
22a56edbb665c2f3f7a3362261db9afcf79da95fa471c4da36a8f84b74f19caa
2a4fa7f09552fdb73936549ee0e77c22f16594dd1a370245ce34132e6bb483d5
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
3003407c5fbfb4661bf32b0ca682779ddb4ea0095202ebf565ee4725eac0b1bd
3440320553f6753fdf3c478d1ebe9f506a976959ac3f73de90837cebb6a8ff96
3916cf5b038c981931541676df276e0fa09cde970146605114909d6fd214ffbc
39ca693367bd3ba14336e9a60766c9bf46404a8dc317a78536b8292b70d99511
3a8a28690bc409523b4a70f9333494169b45e9c6ad45d8243ef11ca6408c3fc1
3ab8f837908b46342ba1ef85852bf81e849941c25404822939863f2919eb6c4b
3d416d0adb00e7f4d9aabc28f5dc7c194ba24bdbc23f24060e641c0c0bed75cf
423a9de7962023e332f18ade31ea9abd9e9372eb1e192c39f8c5c39bad9538c0
42831ea0fdcc1d036f4eee1b68a4b0fa68e321d6b507e4bf515a4cefda201339
454ec6b0b01f2eec4c1ae3a03271d69464aebf3360453e328b7c89533b436e98
4aca6c85bf10a08125382f7d4cb202be8a922e5b68c3e3c6c11e27b356e98639
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5154cde9d08f4a3bae96c1eac3a618bdc364d421ade88af2f1431920dd30181c
5ed021f3a69360ca550010aac660191b2c5485d85c779ff26b1a50fe985e61fd
61f99c96999526a11b6ef4eb0151dcf51eec7b056b27a446a920af8b8d548d1f
65844f2f98cb4ef7ee8eea8b791a403cd4c01ff6b638adfba3613738af7efeb6
714a7833e206f7badfb389684a5f9be4ca3460a74ae5607dcd34ca291f7dc26e
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7
735dc9f7bde59298b70840c9410167c382eb393a88410f5041f65321e8128468
76757ef678e74510673670f253fea1f89b87712c316ef719a697c7f6ddae04ee
776c7c494c8ef798496bf11ea367f7b48d47367d34ae02ea438831d15cb290af
7bbc89d6c72cefef6a5c569161294aade5f70402218d0e656285ac3134e4235b
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
83be2ab17588e78cc88faa234f052c9f4240c7df979c8bf82c53e48a3a37b967
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
882554fb62715133c1f0e564804dc05f055d27f9a97e9b76da3e36ce27c4178b
8e04001bd58f68c5801a07496601fb9bc6e89c1f66700e8734593261b87e7819
8e3f01bb448407979ebe5471cd635455e74427aad544043bcaf952433aa38f9a
9267ed951373fa4d49818d39865e13076ed5a0c0acc82986c2a18115a877d04e
9522f06273f78d21fff2f56b7a3ff41d77a705ededacbfba7e8044436c17743d
9534e81d5aef15710000af9f42f695104d66f74f10f94c14ab88ba9b55a413f6
95a512c70a74bfccc6b76a8f1b10cf56c71dde8edc98e04c0d0ca6d76269737c
974ce1162124ddb653a73d6b8912d6f86ab3289bfbed9b5c18248dfb9a51e885
99ceb4411d3aada212b8e8170d6b8bf3d9b70f693d510efb755de658cb48e293
9caa8e8db256128ed7f5910370844246306c80812538d89e9e8ae14bb8c45bd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b6f8c62edfe328b967ff88db407a85f1784904171cdb2072d3f983eb427a16
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a80c24b3f2e18f80ab6516d34d750bd632d4404ec26e7b694d07f24ffb8298e1
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
a9ec88f31255fb6b754bd738328cc171db125c21e21d65dcb3a6b9c8f1109dc0
aca87b8d10db03da6cd4eefe9e83d20f26ee437258f2c1e601dcf26c29d610c8
c4753ee3654144011a48c2e7cca85a827da523b3589e066fdaa41a0f36365118
c7c63b43903d698f7c8b28360ce19c81b574db3288a8db01a29ac72ffba1327b
d3c0610c7f4089f5c09a03242382d9967a7682321babbd507b118e6ffcd179ac
dd2d90f624611c764ed94e067391c89de631aadbf418cb69271ed0b99ba952df
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0bed9fb7257105c361e66cc337e12a01257c4a33f24dbed893846d90304f5f4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
eb90069bfb802ef63158d8954bb6a025a056b3d084e0c7aae494c7401847e590
ec2f49d701bc11e8cdf567e18162a21d88c76642e6c6094137a4e1a5d48fb45d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efeec6422353683e8231790855255bc3fd82795065299b3bc9777e3196f0de7b
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f71d619eeb07bc673c2492806d833f46a861d4ca81e84acb4553898fd4e3f0d2
fa68455a609539f676087d0eb86ad6b7955444d3dd901280bb4c4f42be7b95fa
fe39979438e0368dccaecc305fda1a282470f40624c13c418b12d4b9b3989598
fec86dc2869c40d3089d5895b80d889450fedad096a7a0f9aad7b8685169c8af

get-tvidler.com Open in urlscan Pro 2606:4700:3033::6815:5d1f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

98 %HTTPS

50 %IPv6

21 Domains

28 Subdomains

27 IPs

6 Countries

1839 kBTransfer

6549 kBSize

25 Cookies

1 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

get-tvidler.com Open in urlscan Pro
2606:4700:3033::6815:5d1f Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

98 %
HTTPS

50 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

1839 kB
Transfer

6549 kB
Size

25
Cookies

84 HTTP transactions
0 data transactions