URL: http://46.101.16.45/
Submission: On September 29 via manual from ZA — Scanned from DE

Summary

This website contacted 23 IPs in 5 countries across 16 domains to perform 61 HTTP transactions. The main IP is 46.101.16.45, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is 46.101.16.45.
This is the only time 46.101.16.45 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 46.101.16.45 14061 (DIGITALOC...)
3 16 134.213.67.123 15395 (RACKSPACE...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2a04:fa87:fff... 2635 (AUTOMATTIC)
1 3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f08... 32934 (FACEBOOK)
11 2606:4700:440... 13335 (CLOUDFLAR...)
4 35.190.88.141 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:26d... 16509 (AMAZON-02)
2 34.76.56.218 396982 (GOOGLE-CL...)
1 2600:9000:237... 16509 (AMAZON-02)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 108.157.177.44 16509 (AMAZON-02)
1 52.215.34.100 16509 (AMAZON-02)
61 23
Apex Domain
Subdomains
Transfer
18 plumbnation.co.uk
blog.plumbnation.co.uk
www.plumbnation.co.uk
6 KB
11 onetrust.com
cdn-ukwest.onetrust.com — Cisco Umbrella Rank: 6374
geolocation.onetrust.com — Cisco Umbrella Rank: 958
135 KB
6 cloudiq.com
paypal-eu-cdn.cloudiq.com — Cisco Umbrella Rank: 185905
paypal-eu-arh.cloudiq.com — Cisco Umbrella Rank: 173794
82 KB
4 cloudfront.net
d81mfvml8p5ml.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
28 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 3974
669 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2225
www.google.com — Cisco Umbrella Rank: 11
813 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 691
14 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 66
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 96
42 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
182 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
87 KB
2 gravatar.com
2.gravatar.com — Cisco Umbrella Rank: 14882
643 B
1 freshrelevance.com
am.freshrelevance.com — Cisco Umbrella Rank: 50749
97 B
1 dycdn.net
c12.dycdn.net — Cisco Umbrella Rank: 296185
633 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
185 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
1 KB
61 16
Domain Requested by
16 blog.plumbnation.co.uk 3 redirects 46.101.16.45
10 cdn-ukwest.onetrust.com www.googletagmanager.com
cdn-ukwest.onetrust.com
4 paypal-eu-cdn.cloudiq.com 46.101.16.45
paypal-eu-cdn.cloudiq.com
3 www.google.de 46.101.16.45
3 bat.bing.com www.googletagmanager.com
bat.bing.com
46.101.16.45
3 www.google-analytics.com 46.101.16.45
www.google-analytics.com
3 www.googletagmanager.com 1 redirects 46.101.16.45
2 paypal-eu-arh.cloudiq.com 46.101.16.45
2 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
dkpklk99llpj0.cloudfront.net
2 www.google.com 46.101.16.45
2 connect.facebook.net 46.101.16.45
connect.facebook.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 2.gravatar.com 1 redirects 46.101.16.45
2 www.plumbnation.co.uk 46.101.16.45
1 am.freshrelevance.com dkpklk99llpj0.cloudfront.net
1 c12.dycdn.net dkpklk99llpj0.cloudfront.net
1 geolocation.onetrust.com cdn-ukwest.onetrust.com
1 www.facebook.com 46.101.16.45
1 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 region1.analytics.google.com www.googletagmanager.com
1 d81mfvml8p5ml.cloudfront.net 46.101.16.45
1 googleads.g.doubleclick.net www.googletagmanager.com
1 fonts.googleapis.com 46.101.16.45
61 23

This site contains links to these domains.

Domain
www.plumbnation.co.uk
facebook.com
twitter.com
blog.plumbnation.co.uk
www.onetrust.com

Subject | Issuer | Validity | Valid
plumbnation.co.uk | GTS CA 1P5 | 2023-09-14 - 2023-12-13 | 3 months
*.plumbnation.co.uk | Sectigo RSA Domain Validation Secure Server CA | 2023-01-06 - 2023-12-11 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
www.bing.com | Microsoft Azure TLS Issuing CA 05 | 2023-07-26 - 2024-01-22 | 6 months
*.onetrust.com | GTS CA 1P5 | 2023-09-04 - 2023-12-03 | 3 months
*.cloudiq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-24 - 2024-08-06 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
www.google.de | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
www.google.com | GTS CA 1C3 | 2023-09-04 - 2023-11-27 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-07-08 - 2023-10-06 | 3 months
*.dycdn.net | Amazon RSA 2048 M02 | 2023-02-10 - 2024-03-10 | a year
*.freshrelevance.com | Amazon RSA 2048 M02 | 2023-06-06 - 2024-07-03 | a year

This page contains 1 frames:

Primary Page: http://46.101.16.45/
Frame ID: 138A9F9F452E070A0EA774D3732B1AC0
Requests: 61 HTTP requests in this frame

Page Title

The PlumbNation Blog - Your weekly fix of all things Plumbing and Heating

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 61
  • HTTPS: 79 %
  • IPv6: 74 %
  • Domains: 16
  • Subdomains: 23
  • IPs: 23
  • Countries: 5
  • Transfer: 585 kB
  • Size: 1871 kB
  • Cookies: 16

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css HTTP 301
  • https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css
Request Chain 2
  • http://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js HTTP 301
  • https://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js
Request Chain 6
  • http://2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g HTTP 301
  • https://2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g
Request Chain 16
  • http://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js HTTP 301
  • https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
Request Chain 17
  • http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44 HTTP 302
  • https://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Request Chain 21
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 24
  • http://connect.facebook.net/en_US/fbevents.js HTTP 307
  • https://connect.facebook.net/en_US/fbevents.js
Request Chain 28
  • http://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c

61 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
46.101.16.45/
51 KB
9 KB
Document
General
Full URL
http://46.101.16.45/
Protocol
HTTP/1.1
Server
46.101.16.45 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
0838fbc62c98e6e5d88425bfbd7a3479a3516f32511d129a11bb9a70591c20fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
9171
Content-Type
text/html; charset=UTF-8
Date
Fri, 29 Sep 2023 13:40:00 GMT
Keep-Alive
timeout=5, max=100
Link
<https://blog.plumbnation.co.uk/wp-json/>; rel="https://api.w.org/"
Server
Apache/2.4.39 (Ubuntu)
Vary
Accept-Encoding
autoptimize_5469560395e38de9e4a1301db2e4fce4.css
blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/
Redirect Chain
  • http://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css
  • https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css
0
0
Stylesheet
General
Full URL
https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Redirect headers

Date
Fri, 29 Sep 2023 13:40:01 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Content-Security-Policy-Report-Only
connect-src 'self' sentry.io *.plumbnation.co.uk host-9ffeki.api.swiftype.com bat.bing.com in.hotjar.com knrpc.olark.com stats.g.doubleclick.net vc.hotjar.io www.google-analytics.com www.google.com; font-src 'self' *.plumbnation.co.uk data: script.hotjar.com fonts.gstatic.com; form-action 'self' pay.realexpayments.com; frame-src pay.realexpayments.com www.google.com bid.g.doubleclick.net secure.barclaycard.co.uk static.olark.com storage.googleapis.com tpc.googlesyndication.com vars.hotjar.com www.paypalobjects.com www.securesuite.co.uk; img-src 'self' *.plumbnation.co.uk data: bat.bing.com f.monetate.net googleads.g.doubleclick.net log.olark.com paypal-eu-arh.cloudiq.com sb.monetate.net stats.g.doubleclick.net t.paypal.com www.google-analytics.com www.google.co.uk www.google.com www.google.com.hk www.google.com.pk www.google.hr www.googletagmanager.com www.paypal.com www.google.com.sg www.google.es www.google.nl; manifest-src 'self'; script-src-elem 'self' www.googletagmanager.com *.plumbnation.co.uk pagead2.googlesyndication.com www.google.com www.gstatic.com 'unsafe-inline' adservice.google.co.uk adservice.google.com api.olark.com assets.olark.com bat.bing.com browser.sentry-cdn.com f.monetate.net googleads.g.doubleclick.net paypal-eu-cdn.cloudiq.com script.hotjar.com se.monetate.net static.hotjar.com static.olark.com tpc.googlesyndication.com www.google-analytics.com www.googleadservices.com www.paypal.com www.paypalobjects.com knrpc.olark.com; style-src-elem *.plumbnation.co.uk 'unsafe-inline' cdn.datatables.net static.olark.com storage.googleapis.com; script-src-attr 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://plumbnation.report-uri.com/r/d/csp/wizard
Content-Type
text/html; charset=iso-8859-1
Location
https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/css/autoptimize_5469560395e38de9e4a1301db2e4fce4.css
Permissions-Policy
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
320
X-XSS-Protection
1; mode=block
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
http://fonts.googleapis.com/css?family=Poppins%3A400normal%7CPT+Sans%3A400normal%7CPoppins%3A600normal%7C&subset=latin&ver=5.2.3
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6936d8633a18952472d545f5e0e69d610a5227b1078b377a21ec7e1e3792546
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://46.101.16.45/
Origin
http://46.101.16.45
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 13:40:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 29 Sep 2023 13:40:01 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 29 Sep 2023 13:40:01 GMT
jquery.js
blog.plumbnation.co.uk/wp-includes/js/jquery/
Redirect Chain
  • http://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js
  • https://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js
0
0
Script
General
Full URL
https://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Redirect headers

Date
Fri, 29 Sep 2023 13:40:01 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Content-Security-Policy-Report-Only
connect-src 'self' sentry.io *.plumbnation.co.uk host-9ffeki.api.swiftype.com bat.bing.com in.hotjar.com knrpc.olark.com stats.g.doubleclick.net vc.hotjar.io www.google-analytics.com www.google.com; font-src 'self' *.plumbnation.co.uk data: script.hotjar.com fonts.gstatic.com; form-action 'self' pay.realexpayments.com; frame-src pay.realexpayments.com www.google.com bid.g.doubleclick.net secure.barclaycard.co.uk static.olark.com storage.googleapis.com tpc.googlesyndication.com vars.hotjar.com www.paypalobjects.com www.securesuite.co.uk; img-src 'self' *.plumbnation.co.uk data: bat.bing.com f.monetate.net googleads.g.doubleclick.net log.olark.com paypal-eu-arh.cloudiq.com sb.monetate.net stats.g.doubleclick.net t.paypal.com www.google-analytics.com www.google.co.uk www.google.com www.google.com.hk www.google.com.pk www.google.hr www.googletagmanager.com www.paypal.com www.google.com.sg www.google.es www.google.nl; manifest-src 'self'; script-src-elem 'self' www.googletagmanager.com *.plumbnation.co.uk pagead2.googlesyndication.com www.google.com www.gstatic.com 'unsafe-inline' adservice.google.co.uk adservice.google.com api.olark.com assets.olark.com bat.bing.com browser.sentry-cdn.com f.monetate.net googleads.g.doubleclick.net paypal-eu-cdn.cloudiq.com script.hotjar.com se.monetate.net static.hotjar.com static.olark.com tpc.googlesyndication.com www.google-analytics.com www.googleadservices.com www.paypal.com www.paypalobjects.com knrpc.olark.com; style-src-elem *.plumbnation.co.uk 'unsafe-inline' cdn.datatables.net static.olark.com storage.googleapis.com; script-src-attr 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://plumbnation.report-uri.com/r/d/csp/wizard
Content-Type
text/html; charset=iso-8859-1
Location
https://blog.plumbnation.co.uk/wp-includes/js/jquery/jquery.js
Permissions-Policy
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
270
X-XSS-Protection
1; mode=block
Plumbnation-logo-White.png
www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/
0
0
Image
General
Full URL
https://www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/Plumbnation-logo-White.png
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:134a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Plumbnation-Blog-logo-White.png
www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/
0
0
Image
General
Full URL
https://www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/Plumbnation-Blog-logo-White.png
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:134a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Smiths-Space-Saver-After-High-Res_original.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/03/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/03/Smiths-Space-Saver-After-High-Res_original.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

8fe79060c53d29947a70f675672b5d2d
2.gravatar.com/avatar/
Redirect Chain
  • http://2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g
  • https://2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g
121 B
397 B
Image
General
Full URL
https://2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
66e576b286089da4236fc35e87d2b03c1718ccc5dfde61a17849f5b8459ffb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-nc
MISS hhn 1
date
Fri, 29 Sep 2023 13:40:01 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="8fe79060c53d29947a70f675672b5d2d.png"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g>; rel="canonical"
content-length
121
expires
Fri, 29 Sep 2023 13:45:01 GMT

Redirect headers

Location
https:/2.gravatar.com/avatar/8fe79060c53d29947a70f675672b5d2d?s=32&d=blank&r=g
Date
Fri, 29 Sep 2023 13:40:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
162
Content-Type
text/html
1799857.jpg
blog.plumbnation.co.uk/wp-content/uploads/2018/11/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2018/11/1799857.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Banner-1024x512-ver-1-.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/02/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/02/Banner-1024x512-ver-1-.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

134-0-0-823-10000-4468-1920.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/02/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/02/134-0-0-823-10000-4468-1920.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Grundfos-%E2%94%AC%C3%BA10-off-Sololift-Banner-1024x512.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/02/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/02/Grundfos-%E2%94%AC%C3%BA10-off-Sololift-Banner-1024x512.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

1951124.png
blog.plumbnation.co.uk/wp-content/uploads/2019/02/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/02/1951124.png
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

banner-top-inclement-weather-960x275.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/01/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/01/banner-top-inclement-weather-960x275.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Should-You-Swap-Your-Conventional-Boiler-to-a-Combi.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/01/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/01/Should-You-Swap-Your-Conventional-Boiler-to-a-Combi.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

shower_tray_banner.jpg
blog.plumbnation.co.uk/wp-content/uploads/2019/01/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2019/01/shower_tray_banner.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

christmas-banner.jpg
blog.plumbnation.co.uk/wp-content/uploads/2018/12/
0
0
Image
General
Full URL
https://blog.plumbnation.co.uk/wp-content/uploads/2018/12/christmas-banner.jpg
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/
Redirect Chain
  • http://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
  • https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
0
0
Script
General
Full URL
https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
HTTP/1.1
Server
134.213.67.123 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
plumbnation.co.uk
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Redirect headers

Date
Fri, 29 Sep 2023 13:40:01 GMT
X-Content-Type-Options
nosniff
Referrer-Policy
no-referrer-when-downgrade
Server
Apache
Content-Security-Policy-Report-Only
connect-src 'self' sentry.io *.plumbnation.co.uk host-9ffeki.api.swiftype.com bat.bing.com in.hotjar.com knrpc.olark.com stats.g.doubleclick.net vc.hotjar.io www.google-analytics.com www.google.com; font-src 'self' *.plumbnation.co.uk data: script.hotjar.com fonts.gstatic.com; form-action 'self' pay.realexpayments.com; frame-src pay.realexpayments.com www.google.com bid.g.doubleclick.net secure.barclaycard.co.uk static.olark.com storage.googleapis.com tpc.googlesyndication.com vars.hotjar.com www.paypalobjects.com www.securesuite.co.uk; img-src 'self' *.plumbnation.co.uk data: bat.bing.com f.monetate.net googleads.g.doubleclick.net log.olark.com paypal-eu-arh.cloudiq.com sb.monetate.net stats.g.doubleclick.net t.paypal.com www.google-analytics.com www.google.co.uk www.google.com www.google.com.hk www.google.com.pk www.google.hr www.googletagmanager.com www.paypal.com www.google.com.sg www.google.es www.google.nl; manifest-src 'self'; script-src-elem 'self' www.googletagmanager.com *.plumbnation.co.uk pagead2.googlesyndication.com www.google.com www.gstatic.com 'unsafe-inline' adservice.google.co.uk adservice.google.com api.olark.com assets.olark.com bat.bing.com browser.sentry-cdn.com f.monetate.net googleads.g.doubleclick.net paypal-eu-cdn.cloudiq.com script.hotjar.com se.monetate.net static.hotjar.com static.olark.com tpc.googlesyndication.com www.google-analytics.com www.googleadservices.com www.paypal.com www.paypalobjects.com knrpc.olark.com; style-src-elem *.plumbnation.co.uk 'unsafe-inline' cdn.datatables.net static.olark.com storage.googleapis.com; script-src-attr 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://plumbnation.report-uri.com/r/d/csp/wizard
Content-Type
text/html; charset=iso-8859-1
Location
https://blog.plumbnation.co.uk/wp-content/cache/autoptimize/js/autoptimize_41964bb2835ca97b6b6b3a455b9c87bc.js
Permissions-Policy
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
318
X-XSS-Protection
1; mode=block
gtm.js
www.googletagmanager.com/
Redirect Chain
  • http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
  • https://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
280 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98c7a14a0ba3e4e91cac35256c1754da74a3bdf1398759a4671565d409bb09ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:40:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97345
x-xss-protection
0
last-modified
Fri, 29 Sep 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 29 Sep 2023 13:40:01 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Date
Fri, 29 Sep 2023 13:40:01 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
250
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 11:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6940
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Sep 2023 13:44:21 GMT
collect
www.google-analytics.com/j/
3 B
205 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=406775985&t=pageview&_s=1&dl=http%3A%2F%2F46.101.16.45%2F&ul=en-us&de=UTF-8&dt=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAACAAI~&jid=265415140&gjid=399484040&cid=1645839771.1695994802&tid=UA-2562983-1&_gid=574920840.1695994802&_slc=1&gtm=45He39r0n71WW3Z44&z=1769355602
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://46.101.16.45/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://46.101.16.45
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
346 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2562983-1&cid=1645839771.1695994802&jid=265415140&gjid=399484040&_gid=574920840.1695994802&_u=aGDAgEABAAAAAGAAI~&z=2098617033
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://46.101.16.45/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 29 Sep 2023 13:40:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://46.101.16.45
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 29 Sep 2023 11:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6940
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 29 Sep 2023 13:44:21 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1054838279/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1054838279/?random=1695994801837&cv=11&fst=1695994801837&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=http%3A%2F%2F46.101.16.45%2F&hn=www.googleadservices.com&frm=0&tiba=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&auid=2017675496.1695994802&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa9be9c70d7a533f98d08738ecc18054595c43737f127142a0ccc58e62d2bcdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1346
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/
44 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 29 Sep 2023 13:40:01 GMT
last-modified
Wed, 06 Sep 2023 22:41:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 94210B80E18C481280CDF0F28FC26637 Ref B: FRA31EDGE0715 Ref C: 2023-09-29T13:40:01Z
etag
"09cc4613e1d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12981
fbevents.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/fbevents.js
  • https://connect.facebook.net/en_US/fbevents.js
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c23f58e5c037e4b8b1efc40ff22d331b67606d8eaf34e6ed9203a3fba9a2641
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Sep 2023 13:40:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53277
x-xss-protection
0
pragma
public
x-fb-debug
IEYZXD8y6PHsP8WelaPUZth3Z6sXQf3CM8nPSI8CNV1GgYGcKLhvhytp9lT5R+auRVDcT+kEgXiICfdqwEJV9g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/fbevents.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
OtAutoBlock.js
cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/
6 KB
3 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/OtAutoBlock.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae817b68435cb56be55ac29fb92649f2b152ea7d3d41efc6a1ce1e4a0a8fd304
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
EydTxtJzDPLfS25M0rSqzw==
content-length
2045
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jun 2022 09:24:27 GMT
server
cloudflare
etag
0x8DA54310145F12A
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
090c8d34-001e-004b-70be-f21501000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2b7e9b603b0-FRA
ced8c8a5-9f5d-4048-b14f-bbadbefb6de4-jrqf7ov7.js
paypal-eu-cdn.cloudiq.com/tag/
8 KB
9 KB
Script
General
Full URL
https://paypal-eu-cdn.cloudiq.com/tag/ced8c8a5-9f5d-4048-b14f-bbadbefb6de4-jrqf7ov7.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.88.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
134df3db35c137fae5b5e193b8efe118fa0641c4b3756dd7f1b71a8f6c9c97c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:40:01 GMT
x-guploader-uploadid
ADPycdufGznFArXAeIOx0lBulVj90HlZqTseE4hNlsY4aryZSCgYhzA2-ipiOKhPhQPJuBQyVie_MkUCr_m5UgD7w3oQbg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8331
last-modified
Mon, 26 Jun 2023 09:37:07 GMT
server
UploadServer
etag
"5280c5a422bd69700be50ef7d1c3ceae"
x-goog-generation
1687772227112777
content-type
application/javascript; charset=utf-8
x-goog-hash
crc32c=+TMgOQ==, md5=UoDFpCK9aXAL5Q730cPOrg==
cache-control
public, max-age=3600
x-goog-stored-content-length
8331
accept-ranges
bytes
expires
Fri, 29 Sep 2023 14:40:01 GMT
fbtgmvd3.js
d81mfvml8p5ml.cloudfront.net/
12 KB
5 KB
Script
General
Full URL
https://d81mfvml8p5ml.cloudfront.net/fbtgmvd3.js
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fc00:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13db6ee848a21315b45b312415235e255adee04863eab5f5d14edd24ac7b33a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:39:56 GMT
content-encoding
br
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified
Wed, 30 Aug 2023 12:57:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
28
x-amz-server-side-encryption
AES256
etag
W/"10b792317f722a238676e161cbf32388"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=600
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
F4wtzB64yTJP7qW8oZHTLkqclA7Q0XaN6DwQbUBVnZokgAmdG4TXgg==
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
251 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c63be5cfaecad8d7e8f5a727cbf410f8299217b0756404c85a683f2354921f0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:40:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88256
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 29 Sep 2023 13:40:01 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
collect
region1.analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-11RL8B5ZR3&gtm=45je39r0&_p=406775985&_gaz=1&cid=1645839771.1695994802&ul=en-us&sr=1600x1200&_s=1&sid=1695994801&sct=1&seg=0&dl=http%3A%2F%2F46.101.16.45%2F&dt=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://46.101.16.45
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
56 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-11RL8B5ZR3&cid=1645839771.1695994802&gtm=45je39r0&aip=1
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=G-11RL8B5ZR3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://46.101.16.45
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-11RL8B5ZR3&cid=1645839771.1695994802&gtm=45je39r0&aip=1&z=995952755
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2562983-1&cid=1645839771.1695994802&jid=265415140&_u=aGDAgEABAAAAAGAAI~&z=2092144940
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2562983-1&cid=1645839771.1695994802&jid=265415140&_u=aGDAgEABAAAAAGAAI~&z=2092144940
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5213436.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5213436.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Fri, 29 Sep 2023 13:40:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A62D595E38C2457EAC88DE370408A0AE Ref B: FRA31EDGE0715 Ref C: 2023-09-29T13:40:01Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5213436&tm=gtm002&Ver=2&mid=2307d6e7-9bea-4c84-a9a7-7e126a1cc473&sid=b09d2ea05ecd11ee9d19151fbe98692b&vid=b09d62a05ecd11eea0c2dba737478429&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&p=http%3A%2F%2F46.101.16.45%2F&r=&lt=977&evt=pageLoad&sv=1&rn=965007
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 29 Sep 2023 13:40:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4DFAA63AA3B3423F834DC2A3FD676E67 Ref B: FRA31EDGE0715 Ref C: 2023-09-29T13:40:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1054838279/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1054838279/?random=1695994801837&cv=11&fst=1695992400000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=http%3A%2F%2F46.101.16.45%2F&frm=0&tiba=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&fmt=3&is_vtc=1&random=12088336&rmt_tld=0&ipr=y
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:02 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1054838279/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1054838279/?random=1695994801837&cv=11&fst=1695992400000&bg=ffffff&guid=ON&async=1&gtm=45He39r0&u_w=1600&u_h=1200&url=http%3A%2F%2F46.101.16.45%2F&frm=0&tiba=The%20PlumbNation%20Blog%20-%20Your%20weekly%20fix%20of%20all%20things%20Plumbing%20and%20Heating&fmt=3&is_vtc=1&random=12088336&rmt_tld=1&ipr=y
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 13:40:01 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
696783847087925
connect.facebook.net/signals/config/
128 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/696783847087925?v=2.9.131&r=stable&domain=46.101.16.45
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
156f54b753735921cd7a98dfc2167c3d05f9265b9f2089bbed73fa4311d1ac00
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 29 Sep 2023 13:40:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
8KmTv1j3Lm+aX/n4ILmddo3Zt0adsmZKvb+ZcsP/UXSm4EtSQR/pkmFyppnd/RtPqUOWouQ2ZWNM5Yv31Hxlvg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
dn1i8v75r669j.cloudfront.net/v/
57 B
503 B
Script
General
Full URL
http://dn1i8v75r669j.cloudfront.net/v/?w=fbtgmvd3
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/fbtgmvd3.js
Protocol
HTTP/1.1
Server
2600:9000:26da:800:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d9f50c570b0f649d78b7a5b152b5f7fcfe679ebf10dc55f24c9b823eb4d55c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 29 Sep 2023 13:40:02 GMT
Via
1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P4
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
X-Amz-Cf-Id
b-WKEI1m2OK1QK68soCTfJTnwFvL7yBMgT42AI8o2Vttc3AsgLxBAQ==
entry.js
paypal-eu-cdn.cloudiq.com/tag-modules-obf/
105 KB
39 KB
Script
General
Full URL
https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Requested by
Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag/ced8c8a5-9f5d-4048-b14f-bbadbefb6de4-jrqf7ov7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.88.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
28f1af4f6068d70d71045b2e3e619a8f49155412990bb0069c488428780f6760

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 21:39:58 GMT
content-encoding
gzip
age
144004
x-guploader-uploadid
ADPycduZRD07o-HX6_5ani25v4MzXouoqThKfUsISqVral4IEIDcJk7LMGHPXTiRgxgpYaB2-IvTGH0KxuxPSGTQr5CLxA
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39565
last-modified
Thu, 11 Nov 2021 12:51:44 GMT
server
UploadServer
etag
"e53c74189d1826ed03b21b8da8515df9"
x-goog-generation
1636635104064923
x-goog-hash
crc32c=jeTTMA==, md5=5Tx0GJ0YJu0DshuNqFFd+Q==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
39565
accept-ranges
bytes
expires
Thu, 26 Sep 2024 21:39:58 GMT
otSDKStub.js
cdn-ukwest.onetrust.com/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WW3Z44
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d62ad0f23c60258f120e52cf68b2e1adff5c1bf5bde5ac8f8d6e5f4c4c64f34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
h6ThlO7ea17v6JNPXbI1zQ==
age
25546
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6822
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:33 GMT
server
cloudflare
etag
0x8DBBFE13DF58710
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
521aa386-501e-001c-2d15-f2fc8c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2b8ab0e03b0-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
dca.js
paypal-eu-cdn.cloudiq.com/tag-modules-obf/
54 KB
24 KB
Script
General
Full URL
https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/dca.js
Requested by
Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.88.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0733bb5debbf093132e64bcf234053a73370863ada144848f62cb044eee54bcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Mon, 25 Sep 2023 04:22:00 GMT
content-encoding
gzip
age
379082
x-guploader-uploadid
ADPycduaQanFekCHx8gw2vZWpcBYJaZMX8A5j85_vt_oH6DKTKPceqvK6pYy78hWowB_DUF-kOJmQqVuPRrlJI2-qECvdg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24942
last-modified
Wed, 23 Mar 2022 15:20:26 GMT
server
UploadServer
etag
"1d74d4d6d50a903b00ef65713dfd36b1"
x-goog-generation
1648048826314164
x-goog-hash
crc32c=P1vTIA==, md5=HXTU1tUKkDsA72VxPf02sQ==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
24942
accept-ranges
bytes
expires
Tue, 24 Sep 2024 04:22:00 GMT
ce.js
paypal-eu-cdn.cloudiq.com/tag-modules-obf/
23 KB
10 KB
Script
General
Full URL
https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/ce.js
Requested by
Host: paypal-eu-cdn.cloudiq.com
URL: https://paypal-eu-cdn.cloudiq.com/tag-modules-obf/entry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.141 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
141.88.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b7d02f16d91169758d19dbaab5197d9cfc76787b123e6e5ae1029495b1780181

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 23:30:51 GMT
content-encoding
gzip
age
223751
x-guploader-uploadid
ADPycdtRdxoouRqFHoRFKJvc4LSi1uciVEjiVS9t8TZeciSP7FkBxIMMwDs0gLROK7YMPX4iEux5f6WjfIGutFAQ_OlBetkZFJqN
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10285
last-modified
Wed, 17 Nov 2021 10:47:08 GMT
server
UploadServer
etag
"fe58ca4ea9b1fe1521aa841937657781"
x-goog-generation
1637146028934800
x-goog-hash
crc32c=3Zt0AA==, md5=/ljKTqmx/hUhqoQZN2V3gQ==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
10285
accept-ranges
bytes
expires
Wed, 25 Sep 2024 23:30:51 GMT
push
paypal-eu-arh.cloudiq.com/pubsub/
0
0
Image
General
Full URL
https://paypal-eu-arh.cloudiq.com/pubsub/push?token=1234&data=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
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.76.56.218 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.56.76.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

0a1fae7f-da11-4241-a2d7-ee09f10cc311.json
cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/
3 KB
2 KB
XHR
General
Full URL
https://cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/0a1fae7f-da11-4241-a2d7-ee09f10cc311.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32fedd6246a08b41e0abd1e50506536e6a7b0788093d4287170288498b1d7a89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
1zHnOUeDZ7kwUDyc13Lf6Q==
content-length
1418
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jun 2022 09:24:27 GMT
server
cloudflare
etag
0x8DA543101193FB4
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
0e3f7503-101e-001b-6eda-f20a09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2b93bb59165-FRA
fbtgmvd3_1693400230569.js
dkpklk99llpj0.cloudfront.net/
64 KB
21 KB
Script
General
Full URL
http://dkpklk99llpj0.cloudfront.net/fbtgmvd3_1693400230569.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/fbtgmvd3.js
Protocol
HTTP/1.1
Server
2600:9000:237d:ca00:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00c005ca6ac0a53128afb09e37fc702e3494cd5aa37b6ceb7cc51fc3cbf8b15e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Fri, 15 Sep 2023 10:12:22 GMT
Content-Encoding
gzip
Via
1.1 da7d0e99d4b5322bc1c874b2af707374.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P2
Age
1222061
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
Last-Modified
Wed, 30 Aug 2023 12:57:11 GMT
Server
AmazonS3
ETag
W/"016624c6d98e1c736d9741435d2a4d8c"
Vary
Accept-Encoding, Origin
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=31536000
X-Amz-Cf-Id
A_78Ok60iH1yMcCOY1IPiUiAUDdoOO3UBYtMyBgC-uf62sW4qEJFnw==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=696783847087925&ev=PageView&dl=http%3A%2F%2F46.101.16.45%2F&rl=&if=false&ts=1695994802123&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=30&fbp=fb.3.1695994802122.2027163329&it=1695994801971&coo=false&rqm=GET
Requested by
Host: 46.101.16.45
URL: http://46.101.16.45/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 29 Sep 2023 13:40:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
push
paypal-eu-arh.cloudiq.com/pubsub/
0
0
Image
General
Full URL
https://paypal-eu-arh.cloudiq.com/pubsub/push?token=1234&data=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%3D%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.76.56.218 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.56.76.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
59 B
214 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
http://46.101.16.45/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:40:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
80e4a2ba1cb39165-FRA
access-control-allow-headers
Content-Type
otBannerSdk.js
cdn-ukwest.onetrust.com/scripttemplates/6.36.0/
362 KB
86 KB
Script
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00bab1a0ca70bae23e6e733c1b78045476a2d2688aa0c5cf26fc7efa81ccaa0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
8atDBk1Pe2rTtV5h1AnhkA==
age
25162
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
87793
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:29:55 GMT
server
cloudflare
etag
0x8DA4A3549788AF3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9016b04c-701e-0029-12c2-df52d9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2ba6d8303b0-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
en.json
cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/27a3fc85-39d8-47e9-afbb-7f4363f8df6e/
52 KB
13 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/consent/0a1fae7f-da11-4241-a2d7-ee09f10cc311/27a3fc85-39d8-47e9-afbb-7f4363f8df6e/en.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b17828cb0c29c80d42b49b43c4e17e7b14341b21f80ed9374d4d45a6100b9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
/VcnKxVaSifI22esX7cytA==
content-length
13320
x-ms-lease-status
unlocked
last-modified
Wed, 22 Jun 2022 09:24:33 GMT
server
cloudflare
etag
0x8DA543104E731EA
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6d8de704-301e-0061-6ada-f26044000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2bafdc69165-FRA
/
c12.dycdn.net/fbtgmvd3/campaigns/
303 B
633 B
Fetch
General
Full URL
https://c12.dycdn.net/fbtgmvd3/campaigns/?k=pb5i9p9&d=dbaz4nikuo&url=http%3A%2F%2F46.101.16.45%2F&ptyp=0&sbr=uk&curr=GBP&lang=en
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: http://dkpklk99llpj0.cloudfront.net/fbtgmvd3_1693400230569.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.177.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-177-44.mxp53.r.cloudfront.net
Software
/
Resource Hash
e6fe26b75b717c0fb20b9443ace0c1b5ae65c68a28d9356f35e62e90bab4c1d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 13:40:02 GMT
via
1.1 a0adf1c6b3fbf8ce9abab2f3cbc02bca.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP53-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
303
x-amz-cf-id
ISKLGKCHKoha7LHsX232qaj34OSjd9YZMiM4GI0VbNR62j_eYHvENw==
otCenterRounded.json
cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/otCenterRounded.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
MISS
content-md5
eB5KwLWtcYPmjc/KKwC/xQ==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2585
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:29:41 GMT
server
cloudflare
etag
0x8DA4A3540F9A700
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3145ab35-201e-0018-3cda-f2090e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2bb9ee49165-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
otPcTab.json
cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/v2/
60 KB
14 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/v2/otPcTab.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
MISS
content-md5
A8S8V8ufBrkYMxOCv4z2Eg==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
13730
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:29:43 GMT
server
cloudflare
etag
0x8DA4A35424B1122
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0e3f760e-101e-001b-6ada-f20a09000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2bb9ee69165-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
otCookieSettingsButton.json
cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/
5 KB
2 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/otCookieSettingsButton.json
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a09d0f89e99cf5a081315ff701187632005dabd23f3ca116a75790003faa7e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
content-encoding
gzip
cf-cache-status
MISS
content-md5
ApduCpj4FmzFcTCIQw6wEw==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1767
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:29:42 GMT
server
cloudflare
etag
0x8DA4A3541B8533B
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1d179761-901e-0028-62da-f25324000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
80e4a2bb9ee89165-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
otCommonStyles.css
cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/assets/otCommonStyles.css
Requested by
Host: cdn-ukwest.onetrust.com
URL: https://cdn-ukwest.onetrust.com/scripttemplates/6.36.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
MISS
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
x-ms-lease-status
unlocked
last-modified
Thu, 09 Jun 2022 16:30:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
c93aaeeb-b01e-0070-15da-f2575f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
80e4a2bb9eed9165-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
get
am.freshrelevance.com/
1 B
97 B
Fetch
General
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22dbaz4nikuo%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.132%20Safari%2F537.36%22%2C%22w%22%3A%22fbtgmvd3%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: http://dkpklk99llpj0.cloudfront.net/fbtgmvd3_1693400230569.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.34.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-34-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 29 Sep 2023 13:40:02 GMT
content-type
text/plain; charset=utf-8
poweredBy_ot_logo.svg
cdn-ukwest.onetrust.com/logos/static/
3 KB
2 KB
Image
General
Full URL
https://cdn-ukwest.onetrust.com/logos/static/poweredBy_ot_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Sep 2023 13:40:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
content-md5
LpuayL42jB78xRllx0vkOw==
age
25529
x-ms-lease-status
unlocked
last-modified
Thu, 28 Sep 2023 05:10:35 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
530ddee3-901e-0001-72d5-f12566000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
cf-ray
80e4a2bca88703b0-FRA
expires
Sat, 30 Sep 2023 13:40:02 GMT
/
dn1i8v75r669j.cloudfront.net/e/
1 KB
2 KB
Fetch
General
Full URL
http://dn1i8v75r669j.cloudfront.net/e/?w=fbtgmvd3&id=64ba6bacd53e6f5056ef326b
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: http://dkpklk99llpj0.cloudfront.net/fbtgmvd3_1693400230569.js
Protocol
HTTP/1.1
Server
2600:9000:26da:800:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
108b8565df73b3c33a1e19a8ad9c1c9e73327444d50b592872d507975c9e1cfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://46.101.16.45/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Date
Wed, 20 Sep 2023 12:27:31 GMT
Via
1.1 7bf4f64fa64e134b5dbb63cabb0aa9e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
MUC50-P4
Age
781951
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Alt-Svc
h3=":443"; ma=86400
X-Amz-Cf-Id
GXuKJJ3ijY5nLI-97PisBp7lBXrwlo-DxMUqjE-KkpTgCceQPNzRyw==


47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
string| gtm4wp_datalayer_name
object| dataLayer
object| _wpemojiSettings
object| wpp_params
string| GoogleAnalyticsObject
function| ga
object| ajax_call
object| options
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| google_tag_manager
function| postscribe
object| google_tag_manager_external
object| GooglebQhCsO
function| fbq
function| _fbq
function| onYouTubeIframeAPIReady
function| UET
function| UET_init
function| UET_push
object| ueto_8a9f5b17db
object| uetq
object| $FR_LAB
function| y0HH
function| U9BB
object| ciq
object| regeneratorRuntime
object| OneTrustStub
function| OptanonWrapper
function| $TM_VR
function| E6ww
function| g7tt
function| w9uu
object| $TB
string| OnetrustActiveGroups
string| OptanonActiveGroups
object| otStubData
undefined| cdsb
undefined| update_countdown_smartblock_interval
undefined| countdown_smartblock_check
function| $TM_CC
function| nrlskOnEvent
object| Optanon
object| OneTrust

16 Cookies

Domain/Path Name / Value
46.101.16.45/ Name: _gcl_au
Value: 1.1.2017675496.1695994802
46.101.16.45/ Name: _gid
Value: GA1.4.574920840.1695994802
46.101.16.45/ Name: _dc_gtm_UA-2562983-1
Value: 1
46.101.16.45/ Name: _ga_11RL8B5ZR3
Value: GS1.1.1695994801.1.0.1695994801.60.0.0
46.101.16.45/ Name: _ga
Value: GA1.1.1645839771.1695994802
46.101.16.45/ Name: _uetsid
Value: b09d2ea05ecd11ee9d19151fbe98692b
46.101.16.45/ Name: _uetvid
Value: b09d62a05ecd11eea0c2dba737478429
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bing.com/ Name: MUID
Value: 10185DB00CAF67EC24D34E2B0D036672
46.101.16.45/ Name: ciq-uid
Value: ciquid-0018ae12aef90-01-479c33
46.101.16.45/ Name: ciq_new_visitor
Value: true
46.101.16.45/ Name: _fbp
Value: fb.3.1695994802122.2027163329
paypal-eu-arh.cloudiq.com/ Name: session
Value: eyJpbnRlcmFjdGlvbklkIjoiYzk3MTg4N2YtNWRmOC00NDhlLTgwOTUtYTg3Y2VjNzczM2NkIiwidGFnSWQiOiJjZWQ4YzhhNS05ZjVkLTQwNDgtYjE0Zi1iYmFkYmVmYjZkZTQtanJxZjdvdjcifQ==
paypal-eu-arh.cloudiq.com/ Name: session.sig
Value: 3coT1iKT9oN0-VEA55O1VrJFJSw
46.101.16.45/ Name: tms_VisitorID
Value: dbaz4nikuo
46.101.16.45/ Name: tms_wsip
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/Plumbnation-logo-White.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.plumbnation.co.uk/blog/wp-content/uploads/2017/03/Plumbnation-Blog-logo-White.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
