1035thearrow.com Open in urlscan Pro
35.203.160.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1035thearrow.com/
Effective URL:
https://1035thearrow.com/
Submission: On July 12 via api (July 12th 2021, 3:29:38 am UTC) from US

Summary HTTP 167 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 43 domains to perform 167 HTTP transactions. The main IP is 35.203.160.220, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is 1035thearrow.com.
TLS certificate: Issued by R3 on June 26th 2021. Valid for: 3 months.

This is the only time 1035thearrow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	35.203.160.220 35.203.160.220	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6812:678	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1800:7:5253:f880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:5000:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	104.22.3.144 104.22.3.144	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.99.124 13.224.99.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	34.194.181.37 34.194.181.37	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	208.92.55.20 208.92.55.20	13360 (TRITONDIG...) (TRITONDIGITAL)
7	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:da00:1:3a48:ffc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	208.100.17.181 208.100.17.181	32748 (STEADFAST) (STEADFAST)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
5 5	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7 7	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 3	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	52.19.63.112 52.19.63.112	16509 (AMAZON-02) (AMAZON-02)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
2 2	52.59.102.119 52.59.102.119	16509 (AMAZON-02) (AMAZON-02)
1	38.27.122.101 38.27.122.101	174 (COGENT-174) (COGENT-174)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	208.100.17.173 208.100.17.173	32748 (STEADFAST) (STEADFAST)
1 2	72.21.206.140 72.21.206.140	16509 (AMAZON-02) (AMAZON-02)
1 1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
167	48

46 35.203.160.220 (The Dalles, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 220.160.203.35.bc.googleusercontent.com

1035thearrow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:678 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1800:7:5253:f880:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.listenlive.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:5000:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 104.22.3.144 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.99.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-124.zrh50.r.cloudfront.net

assistant.woorank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.cz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.194.181.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-181-37.compute-1.amazonaws.com

www.woorank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.92.55.20 (Canada)

ASN13360 (TRITONDIGITAL, CA)

np.tritondigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:da00:1:3a48:ffc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

songdata.bonneville.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.181 (United States)

ASN32748 (STEADFAST, US)
PTR: ip181.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.79 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.81 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.250 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.131 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.63.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.102.119 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.27.122.101 (United States)

ASN174 (COGENT-174, US)

match.bnmla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.173 (United States)

ASN32748 (STEADFAST, US)

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.206.140 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	1035thearrow.com 1 redirects 1035thearrow.com	2 MB
23	googlesyndication.com pagead2.googlesyndication.com b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com tpc.googlesyndication.com	214 KB
16	infolinks.com resources.infolinks.com router.infolinks.com	274 KB
14	doubleclick.net 7 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	139 KB
11	googleapis.com fonts.googleapis.com imasdk.googleapis.com	123 KB
10	adform.net track.adform.net s1.adform.net c1.adform.net	99 KB
9	pubmatic.com 9 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
7	google.com adservice.google.com www.google.com mts0.google.com	61 KB
6	casalemedia.com 2 redirects ssum-sec.casalemedia.com dsum-sec.casalemedia.com	7 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	87 KB
6	cookiepro.com cookie-cdn.cookiepro.com	93 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com	3 KB
4	adnxs.com 4 redirects ib.adnxs.com	4 KB
4	googletagservices.com www.googletagservices.com	125 KB
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	woorank.com assistant.woorank.com www.woorank.com	4 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	google.de adservice.google.de www.google.de	272 B
2	facebook.net connect.facebook.net	68 KB
1	sitescout.com 1 redirects pixel-sync.sitescout.com	299 B
1	33across.com ssc-cms.33across.com	72 B
1	rfihub.com 1 redirects p.rfihub.com	753 B
1	bnmla.com match.bnmla.com	114 B
1	adkernel.com dsp.adkernel.com	233 B
1	cpx.to s.cpx.to	945 B
1	sonobi.com sync.go.sonobi.com	478 B
1	zemanta.com 1 redirects b1sync.zemanta.com	288 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	onetag-sys.com onetag-sys.com	823 B
1	tynt.com de.tynt.com	289 B
1	bonneville.com songdata.bonneville.com	503 B
1	tritondigital.com np.tritondigital.com	668 B
1	facebook.com www.facebook.com	147 B
1	google.cz adservice.google.cz	853 B
1	googleadservices.com partner.googleadservices.com	411 B
1	googletagmanager.com www.googletagmanager.com	34 KB
1	jwplatform.com content.jwplatform.com	37 KB
1	listenlive.co sdk.listenlive.co	260 KB
167	43

	Domain	Requested by
46	1035thearrow.com	1 redirects 1035thearrow.com
13	router.infolinks.com	resources.infolinks.com router.infolinks.com ssum-sec.casalemedia.com
10	tpc.googlesyndication.com	b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	1035thearrow.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
10	fonts.googleapis.com	1035thearrow.com b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
7	cm.g.doubleclick.net	7 redirects
6	track.adform.net	b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com s1.adform.net
6	cookie-cdn.cookiepro.com	1035thearrow.com cookie-cdn.cookiepro.com
5	image8.pubmatic.com	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
4	ups.analytics.yahoo.com	3 redirects ssum-sec.casalemedia.com
4	ib.adnxs.com	4 redirects
4	www.google.com	1035thearrow.com b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com tpc.googlesyndication.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 1035thearrow.com
4	www.googletagservices.com	1035thearrow.com pagead2.googlesyndication.com b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	match.adsrvr.org	2 redirects ssum-sec.casalemedia.com
3	ssum-sec.casalemedia.com	1 redirects router.infolinks.com ssum-sec.casalemedia.com
3	s1.adform.net	track.adform.net s1.adform.net 1035thearrow.com
3	b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	resources.infolinks.com	1035thearrow.com resources.infolinks.com
2	bcp.crwdcntrl.net	1 redirects ssum-sec.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ap.lijit.com	2 redirects
2	pixel.advertising.com	2 redirects
2	sync.1rx.io	2 redirects
2	image4.pubmatic.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	www.woorank.com	assistant.woorank.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	connect.facebook.net	1035thearrow.com connect.facebook.net
1	c1.adform.net	ssum-sec.casalemedia.com
1	pixel-sync.sitescout.com	1 redirects
1	ssc-cms.33across.com	router.infolinks.com
1	p.rfihub.com	1 redirects
1	match.bnmla.com	router.infolinks.com
1	dsp.adkernel.com	router.infolinks.com
1	s.cpx.to	router.infolinks.com
1	sync.go.sonobi.com	router.infolinks.com
1	b1sync.zemanta.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	onetag-sys.com	router.infolinks.com
1	de.tynt.com	router.infolinks.com
1	songdata.bonneville.com	1035thearrow.com
1	mts0.google.com	b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
1	www.gstatic.com	b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
1	np.tritondigital.com	sdk.listenlive.co
1	imasdk.googleapis.com	sdk.listenlive.co
1	www.google.de	1035thearrow.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.facebook.com	1035thearrow.com
1	adservice.google.cz	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	assistant.woorank.com	1035thearrow.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	1035thearrow.com
1	content.jwplatform.com	1035thearrow.com
1	sdk.listenlive.co	1035thearrow.com
167	60

This site contains links to these domains. Also see Links.

Domain
player.listenlive.co
www.facebook.com
www.instagram.com
www.youtube.com
publicfiles.fcc.gov
deseretmanagement.wd1.myworkdayjobs.com
bonneville.com
cookiepedia.co.uk
www.cookiepro.com
onetrust.com

Subject Issuer	Validity	Valid
1035thearrow.com R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.listenlive.co Amazon	`2020-10-02` - `2021-11-03`	a year	crt.sh
jwplayer.com Amazon	`2021-01-29` - `2022-02-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.woorank.com Go Daddy Secure Certificate Authority - G2	`2020-04-06` - `2022-06-05`	2 years	crt.sh
*.google.cz GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.tritondigital.com Go Daddy Secure Certificate Authority - G2	`2021-01-19` - `2022-02-20`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
songdata.bonneville.com Amazon	`2020-09-25` - `2021-10-25`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
s.cpx.to Sectigo RSA Domain Validation Secure Server CA	`2021-02-03` - `2022-02-09`	a year	crt.sh
*.adkernel.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-22` - `2022-01-05`	a year	crt.sh
*.bnmla.com Go Daddy Secure Certificate Authority - G2	`2021-01-06` - `2022-02-07`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh

This page contains 12 frames:

Primary Page: https://1035thearrow.com/
Frame ID: 5D694B6E384E2B507366A8A30DC83AAC
Requests: 98 HTTP requests in this frame

Frame: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 480CCF79413DBF15C872912CA81F3C68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: AA8EF975BC1B6D93E8A9C8D1BFC78EDC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1759096139983112&output=html&adk=1812271804&adf=3025194257&lmt=1626060554&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1035thearrow.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626060554682&bpp=7&bdt=1014&idt=175&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5345915908965&frm=20&pv=2&ga_vid=1877901610.1626060555&ga_sid=1626060555&ga_hid=1286785474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060973%2C31061745&oid=3&pvsid=2219664460032670&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=214
Frame ID: 0D42CABAE2E08B1A54EDCD3D14678B3E
Requests: 1 HTTP requests in this frame

Frame: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CA583EDC9F7237248F783048B927BF84
Requests: 19 HTTP requests in this frame

Frame: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B9FD394661B7792B46175EA356177548
Requests: 18 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Frame ID: 6E94677122A8716255C048537053D8C4
Requests: 16 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: CD41FE3191DC1F6C6164CE6DDD2D5C61
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: CC3C3C6F8EE911FD2634C25BDA52D83A
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 7F181746C54DD1BAB69AB410A6F5A06A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 75AB49F74739B349B8EB70824855B52C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A31CF0A7F5E4CFB58D697CAC10D5A6CF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://1035thearrow.com/ HTTP 301
https://1035thearrow.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

167
Requests

100 %
HTTPS

47 %
IPv6

43
Domains

60
Subdomains

48
IPs

8
Countries

3866 kB
Transfer

7672 kB
Size

16
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://player.listenlive.co/35841
Title: Listen Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1035TheArrow/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/1035thearrow/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNOUxaa7_WlLWlxAGA8IP5Q
Title: YouTube

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/krsp-fm
Title: Radio FCC Public File

Search URL Search Domain Scan URL

URL: https://deseretmanagement.wd1.myworkdayjobs.com/BonSaltLake
Title: Employment

Search URL Search Domain Scan URL

URL: https://bonneville.com/copyright-clearance/
Title: Licensing

Search URL Search Domain Scan URL

URL: https://bonneville.com/datarequest/
Title: Do Not Sell My Data

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.cookiepro.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1035thearrow.com/ HTTP 301
https://1035thearrow.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 135

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI1RDIwQTYtNjkzOC00NjE4LTg3NjYtN0E4RTQ3RjVDQTM5&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI1RDIwQTYtNjkzOC00NjE4LTg3NjYtN0E4RTQ3RjVDQTM5&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC422CF0F-3CA9-490F-BA81-72CAD3CD5907 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907

Request Chain 136

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
https://router.infolinks.com/dyn/apn-usync?user_id=7603292377863356613

Request Chain 137

https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
https://router.infolinks.com/dyn/VR-usync?uid=y-FLF5989E2uFoNotuDBm__bD427Zjaciuf9vPDtg-~A

Request Chain 138

https://sync.1rx.io/usersync2/infolinks HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2106363526 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2106363526 HTTP 302
https://sync.1rx.io/usersync/tradedesk/ef6f2f96-bd01-48b7-9624-d4acac3d1644 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003 HTTP 302
https://router.infolinks.com/dyn/r1-usync?uid=RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003

Request Chain 139

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 141

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252F1035thearrow.com%252F&pid=12306&adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252F1035thearrow.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
https://s.cpx.to/ca.png?ref=https%3A%2F%2F1035thearrow.com%2F&pid=12306&adnxs_uid=7603292377863356613

Request Chain 143

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP565e2d6b-e2c1-11eb-a39b-06f09cce428e HTTP 302
https://router.infolinks.com/dyn/outh-usync?uid=y-UsEbFkBE2uGh5KXYRXlKZgb4kGKKL3Il~A~UP565e2d6b-e2c1-11eb-a39b-06f09cce428e

Request Chain 145

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
https://router.infolinks.com/dyn/sovrn-usync?uid=7a3f6708bc868c558ab2e7b9

Request Chain 146

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyMkNGMEYtM0NBOS00OTBGLUJBODEtNzJDQUQzQ0Q1OTA3&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyMkNGMEYtM0NBOS00OTBGLUJBODEtNzJDQUQzQ0Q1OTA3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC422CF0F-3CA9-490F-BA81-72CAD3CD5907 HTTP 302
https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907

Request Chain 148

https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
https://router.infolinks.com/dyn/zeta-usync?uid=1871878971543645161

Request Chain 150

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&dcc=t

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOu3DRJrHQvq8A6rkbJmOgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGhh0rTXfCTArSR398FDilk&google_cver=1&gdpr=1

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEe_vW8C56hunOkXpw_6Pbc&google_cver=1

Request Chain 154

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628652557

Request Chain 155

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1

167 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
1035thearrow.com/
Redirect Chain

http://1035thearrow.com/
https://1035thearrow.com/

43 KB
11 KB

986ms
484ms

Document
text/html

35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 082110cd2efb228df84c8014c05892ac037224a2414087bde6e1276d9a2da48b

Request headers

:method: GET
:authority: 1035thearrow.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

server: nginx
date: Mon, 12 Jul 2021 03:29:13 GMT
content-type: text/html; charset=UTF-8
content-length: 10494
set-cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://1035thearrow.com/wp-json/>; rel="https://api.w.org/" <https://1035thearrow.com/wp-json/wp/v2/pages/12>; rel="alternate"; type="application/json" <https://1035thearrow.com/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://1035thearrow.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://1035thearrow.com
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: WP Engine
x-pass-why: custom-path

Redirect headers

Server: nginx
Date: Mon, 12 Jul 2021 03:29:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://1035thearrow.com/

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 17 KB
6 KB 34ms
17ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: H8Znzy3Akix+HhQXpXQuNw==
age: 2750118
x-ms-lease-status: unlocked
last-modified: Fri, 04 Jun 2021 02:39:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fab1149d-e01e-0078-31ca-5d9bb5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 66d72f9c8fcb2b65-FRA
expires: Tue, 20 Jul 2021 03:29:13 GMT

GET
H2 200 common-skeleton.min.css
1035thearrow.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 26 KB
5 KB 187ms
183ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c6d3da39b43a0322a762fd047157070ae066272f31a9863b39152bfb102b273

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.12.12
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Sun, 08 Nov 2020 06:07:18 GMT
server: nginx
etag: W/"5fa78b16-68db"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 tooltip.min.css
1035thearrow.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
752 B 196ms
192ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.12.12
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Sun, 08 Nov 2020 06:07:18 GMT
server: nginx
etag: W/"5fa78b16-662"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.min.css
1035thearrow.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 234ms
231ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.5.5
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
server: nginx
etag: W/"5f47f4c6-d293"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fonts.css
1035thearrow.com/wp-content/plugins/photo-gallery/css/bwg-fonts/ 4 KB
1 KB 204ms
200ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: dceed1deb7cf1629e1389e4867c58d10d63efea7d6d5eafdc40c13baccdf9506

Request headers

:path: /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-fbc"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 sumoselect.min.css
1035thearrow.com/wp-content/plugins/photo-gallery/css/ 7 KB
2 KB 235ms
231ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.0.3
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 164870fd7248cfe360a8b2df4e266940dfd5738e8da6bf9ae3a7dc42bb55fa48

Request headers

:path: /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.0.3
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-1adb"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.mCustomScrollbar.min.css
1035thearrow.com/wp-content/plugins/photo-gallery/css/ 10 KB
1 KB 245ms
241ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=2.5.36
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9d51f16d1f006e9e72942b8a8f92384d5262e22f5cbf6bd0eb5a18cd84420064

Request headers

:path: /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=2.5.36
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-292a"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
481 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:15:48 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:13 GMT

GET
H2 200 styles.min.css
1035thearrow.com/wp-content/plugins/photo-gallery/css/ 40 KB
7 KB 266ms
263ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=2.5.36
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 711d5edf8d5be12754f1f6f166574730e615706603e12a5ff663da7eae1e0e03

Request headers

:path: /wp-content/plugins/photo-gallery/css/styles.min.css?ver=2.5.36
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-a17a"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ctt-module-design.css
1035thearrow.com/wp-content/plugins/click-to-tweet/css/ 44 KB
8 KB 338ms
334ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: face987d840282dd0b20c5610d5aaccfb00c49b651fca6100b8fe4e4de5253dd

Request headers

:path: /wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 28 Mar 2019 20:32:46 GMT
server: nginx
etag: W/"5c9d2f6e-aeb0"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 animate.css
1035thearrow.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/ 73 KB
5 KB 370ms
366ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/animate.css?ver=3.6.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5

Request headers

:path: /wp-content/plugins/wp-quiz-pro/assets/frontend/css/animate.css?ver=3.6.0
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 19:55:29 GMT
server: nginx
etag: W/"5d0d3631-1252c"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-quiz.css
1035thearrow.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/ 37 KB
8 KB 370ms
366ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/wp-quiz-pro/assets/frontend/css/wp-quiz.css?ver=2.0.10
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1e358ef93dc574ac80f791e51a64734b039b6983e63dffa05fad7a26220ec4df

Request headers

:path: /wp-content/plugins/wp-quiz-pro/assets/frontend/css/wp-quiz.css?ver=2.0.10
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 19:55:29 GMT
server: nginx
etag: W/"5d0d3631-922c"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fluidbox.min.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/ 3 KB
886 B 392ms
389ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/fluidbox.min.css?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6847b94bd5e51e44a02445defa1b6b49d6936baac2883a6259af3388a6af067

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/fluidbox/fluidbox.min.css?ver=5.5.5
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-c21"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 font-awesome.min.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/ 30 KB
7 KB 424ms
420ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=1.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=1.1
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-7918"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 styles.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/ 19 KB
5 KB 444ms
440ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/styles.css?ver=1.11
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: da9d71367d72333089ca61a19bed0b1b4c2ce91c908970924cf003ec6453c53c

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/styles.css?ver=1.11
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Wed, 09 Jun 2021 16:24:04 GMT
server: nginx
etag: W/"60c0eb24-4c2e"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 light.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/ 426 B
432 B 444ms
441ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/light.css?ver=1.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 609b268cb0a03c26778c1e1b1d875b599590ba5327b2a3fe366ea1d502fbc823

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/light.css?ver=1.1
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-1aa"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 articles.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/ 2 KB
943 B 444ms
442ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/articles.css?ver=1.10
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2af9237a0c714e46bef1426c9e28d67cc29473cc81641324dfe2644272a765e2

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/articles.css?ver=1.10
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Mon, 04 Jan 2021 20:41:25 GMT
server: nginx
etag: W/"5ff37d75-7a7"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 triton-player.css
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/ 645 B
530 B 445ms
442ms Stylesheet
text/css 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/triton-player.css?ver=1.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 51d640952c23f17f06b9fc75baf404887a8cab2c726e247647d846b8bf32fcdd

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/triton-player.css?ver=1.1
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-285"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H3-29 200 css
fonts.googleapis.com/ 4 KB
483 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Manrope%3A400%2C600%2C800&display=swap&ver=5.5.5

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37f36250afd851bde07a41c7de6c2c0478b2a504a1370bc882e419349e3344ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:29:13 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:13 GMT

GET
H2 200 jquery.js Show response
1035thearrow.com/wp-includes/js/jquery/ 95 KB
34 KB 469ms
466ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
etag: W/"5cde37d2-17a69"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.sumoselect.min.js Show response
1035thearrow.com/wp-content/plugins/photo-gallery/js/ 27 KB
8 KB 469ms
466ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 53a2d5c7ab1d03ed1dfd764153fd1684258d90bb4c23c10ecc45782debbe5c5b

Request headers

:path: /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-6b9f"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.mobile.min.js Show response
1035thearrow.com/wp-content/plugins/photo-gallery/js/ 6 KB
3 KB 495ms
492ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d50e992ac846d1a23ac3fde9ddc997a572fc65702611c667b0a758cf8ee99083

Request headers

:path: /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-1912"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.mCustomScrollbar.concat.min.js Show response
1035thearrow.com/wp-content/plugins/photo-gallery/js/ 25 KB
6 KB 494ms
492ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=2.5.36
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: db06dcfa0112b05cef7abd20fadc5baf632a316515f07cfd4fceb436c8a0cb1b

Request headers

:path: /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=2.5.36
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-6250"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fullscreen-0.4.1.min.js Show response
1035thearrow.com/wp-content/plugins/photo-gallery/js/ 7 KB
3 KB 494ms
493ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 385813a881f5c38f9a6278bf563f25745335355789ab5bdc32cb2af7070e6058

Request headers

:path: /wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-1dcc"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.min.js Show response
1035thearrow.com/wp-content/plugins/photo-gallery/js/ 184 KB
34 KB 494ms
493ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=2.5.36
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e845654291c2a1d371755e0aea36c8504f6ceabab14dd6a3232d82d458137a8c

Request headers

:path: /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=2.5.36
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Tue, 08 Oct 2019 04:24:11 GMT
server: nginx
etag: W/"5d9c0f6b-2e13c"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 scripts.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ 2 KB
875 B 494ms
493ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/scripts.js?ver=1.0.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: eeefd70a12120465a046c7bda29524434ed1d302d534b5960632cc8e2c521206

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/scripts.js?ver=1.0.5
pragma: no-cache
cookie: PHPSESSID=51d25c2b633381d934bbaa93b81625bd
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-7d6"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de646d47787f94274ddf06767917246c0b8e308f9dd69e9fcbe7e4b0e7277562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48625
x-xss-protection: 0
server: cafe
etag: 595242206813125494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 68 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "928 / 709 of 1000 / last-modified: 1625868492"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24112
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 KRSP_PRIMARY_RECTANGLE.png
1035thearrow.com/wp-content/plugins/bonneville-logos-manager/logos/ 206 KB
207 KB 235ms
234ms Image
image/png 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/plugins/bonneville-logos-manager/logos/KRSP_PRIMARY_RECTANGLE.png
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: abe2ebc15566655ce3c9ffe31ade17bec0624f6bd68019dd2c6981f20e6e3720

Request headers

:path: /wp-content/plugins/bonneville-logos-manager/logos/KRSP_PRIMARY_RECTANGLE.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Wed, 03 Feb 2021 20:55:37 GMT
server: nginx
etag: "601b0dc9-3394a"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 211274

GET
H2 200 hea-103days21e1500x630-1440x600.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/05/ 162 KB
163 KB 514ms
513ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/05/hea-103days21e1500x630-1440x600.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f6107095bc969096cf0c22d425f1422f596a78ed0252176f3de4dc0b390e0acf

Request headers

:path: /wp-content/uploads/sites/11/2021/05/hea-103days21e1500x630-1440x600.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:15 GMT
last-modified: Sun, 20 Jun 2021 07:11:05 GMT
server: nginx
etag: "f50a48c0987dcb43435e45b902f68ba4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 166175
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 hea-songchallenge1200x630.jpg
1035thearrow.com/wp-content/uploads/sites/11/2020/09/ 229 KB
230 KB 550ms
550ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2020/09/hea-songchallenge1200x630.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c2f99047ada383a4bb9b4b9f2f837377c2094c5ebf4dc4146cab676dab1371a7

Request headers

:path: /wp-content/uploads/sites/11/2020/09/hea-songchallenge1200x630.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:15 GMT
last-modified: Mon, 02 Nov 2020 07:11:50 GMT
server: nginx
etag: "6eb4f0636b0fd5a4e765b65d3977fbb8"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 234939
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 hea-knowscript1200x630.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/01/ 328 KB
328 KB 499ms
498ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/01/hea-knowscript1200x630.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8f0462602e417cf9504ad1b0cb9a9b31d7a66b93de192a24a9120c66b9cb54fa

Request headers

:path: /wp-content/uploads/sites/11/2021/01/hea-knowscript1200x630.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Sun, 31 Jan 2021 07:10:19 GMT
server: nginx
etag: "057033d6ab651cc109eed0d6477d41dd"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 335617
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 hea-waytoquit1200x630.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 515 KB
515 KB 482ms
481ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/hea-waytoquit1200x630.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9bc48879168d7799dff83ea61f8422597ba5ab873ff0e2ee262a66d849e266d5

Request headers

:path: /wp-content/uploads/sites/11/2021/06/hea-waytoquit1200x630.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Sat, 10 Jul 2021 07:10:25 GMT
server: nginx
etag: "61c9675806d28621e77ff9ceb9203be2"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 526913
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 log-goodranchers300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 28 KB
28 KB 417ms
416ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/log-goodranchers300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a00d7ab83ba557bb748631adc82b394a050eb87cb68c2acbec0e896ae2fae73f

Request headers

:path: /wp-content/uploads/sites/11/2021/06/log-goodranchers300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Wed, 23 Jun 2021 07:10:30 GMT
server: nginx
etag: "e363e5260e97c95d324adf33d259969f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28353
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 log-herculescredit300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 32 KB
33 KB 401ms
400ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/log-herculescredit300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a5583b74277fc8ec404d84077c3cf6ff1705e7de3cf718504e0bada9efeb667f

Request headers

:path: /wp-content/uploads/sites/11/2021/06/log-herculescredit300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Sun, 11 Jul 2021 07:10:23 GMT
server: nginx
etag: "9972e7c42cd91992078911c2d4cb2908"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 33022
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 pan-globetrotters300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 48 KB
49 KB 494ms
493ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/pan-globetrotters300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5bd463f503404edf500a3d8cb79cba815c9c04876e5d36fabb00c3f8585361cb

Request headers

:path: /wp-content/uploads/sites/11/2021/06/pan-globetrotters300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:15 GMT
last-modified: Sun, 11 Jul 2021 07:10:22 GMT
server: nginx
etag: "953e5bd3752e14e85cc251092e264ce1"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49522
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 log-smithedwards300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 28 KB
28 KB 408ms
407ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/log-smithedwards300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 005874f7a90dc744417d7df8283c896e1c1d2f6b54bfab180a8f5cc9e0ecc0d3

Request headers

:path: /wp-content/uploads/sites/11/2021/06/log-smithedwards300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Sun, 11 Jul 2021 07:10:23 GMT
server: nginx
etag: "55c82ce9cad9b0158476ecaafa965772"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28500
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 log-motorsportsland300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 49 KB
49 KB 474ms
473ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/log-motorsportsland300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d59254e73657b9a995bfea0f5d0e6a61547a50de268b0ecc749e95ddce43e115

Request headers

:path: /wp-content/uploads/sites/11/2021/06/log-motorsportsland300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:15 GMT
last-modified: Sun, 11 Jul 2021 07:10:19 GMT
server: nginx
etag: "48e8a9ce1b3e12b0236cdac1c972522b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 49735
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 pan-halwing21a300x375.jpg
1035thearrow.com/wp-content/uploads/sites/11/2021/06/ 46 KB
46 KB 494ms
493ms Image
image/jpeg 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/uploads/sites/11/2021/06/pan-halwing21a300x375.jpg
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b35e08bf74d02171801298c4aa993f4b1cfe68c86ea5ff8ec03a0c558a2ea022

Request headers

:path: /wp-content/uploads/sites/11/2021/06/pan-halwing21a300x375.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 12 Jul 2021 03:29:15 GMT
last-modified: Sun, 11 Jul 2021 07:10:25 GMT
server: nginx
etag: "990df9e741719ab15c4803a77a7dacb9"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47167
expires: Wed, 11 Aug 2021 03:29:14 GMT

GET
H2 200 ctt-script.js Show response
1035thearrow.com/wp-content/plugins/click-to-tweet/js/ 14 KB
2 KB 174ms
173ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/js/ctt-script.js?ver=1.0.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b557684df0ea0c6d9cefce5735d183a031ba4644e61be1951dc3d329506f9637

Request headers

:path: /wp-content/plugins/click-to-tweet/js/ctt-script.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Thu, 28 Mar 2019 20:32:46 GMT
server: nginx
etag: W/"5c9d2f6e-3636"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ajax-search.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ 1 KB
637 B 333ms
332ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ajax-search.js?ver=1.0.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e6668c93f25f03f6b7f2993783aa6139a4e6cbceba0e751b62bdb54aaf8e79a8

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/ajax-search.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Thu, 22 Oct 2020 22:01:44 GMT
server: nginx
etag: W/"5f920148-452"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 td-sdk.min.js Show response
sdk.listenlive.co/web/2.9/ 946 KB
260 KB 45ms
10ms Script
application/javascript 2600:9000:2156:1800:7:5253:f880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js?ver=1.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:7:5253:f880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7099df1a6e579601e1452471dc14bf1e025c771c37df56b73fe6c97bdbdc3b49

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:09:39 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 06:02:05 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:1000/gname:jenkins/uname:jenkins/gid:1000/mode:33188/mtime:1625740744/atime:1625740744/md5:da3943a80eee51bc83d61945b0b00574/ctime:1625740744
age: 1308
etag: W/"da3943a80eee51bc83d61945b0b00574"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Cb0VW4RuByk_5A_Ey_aHbOdxCyfcmKGeC7bLqw5aLcqA_n5WdwMI5g==

GET
H2 200 kxULhiz3.js Show response
content.jwplatform.com/libraries/ 112 KB
37 KB 188ms
157ms Script
text/javascript 2600:9000:2190:5000:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/kxULhiz3.js?ver=1.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 3f45c3845e89f204d224d9dec67754a278722029e9445f0f2ffbc65612beccc9

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 37460
via: 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
x-amz-cf-id: 1SJ2Q2hc2LzG1tR2ktRpW24XOBOGqyON2BmuTS1OjDi72ek5wRZ3yA==
expires: Mon, 12 Jul 2021 03:31:44 GMT

GET
H2 200 triton-player.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ 17 KB
5 KB 182ms
178ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/triton-player.js?ver=1.1
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ff48cb6d90b8904d82852f61d56993c0ebdc6167117caaed0eda5011779f4179

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/triton-player.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Wed, 19 May 2021 19:29:07 GMT
server: nginx
etag: W/"60a56703-421c"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 ajax-nav.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ 13 KB
3 KB 182ms
179ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/ajax-nav.js?ver=1.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 166352d1b0ffba1fc5e0c8e5a94a473cee7f43b2d420e09b27bbe91305d9c58e

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/ajax-nav.js?ver=1.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Tue, 22 Dec 2020 21:26:27 GMT
server: nginx
etag: W/"5fe26483-3287"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.fluidbox.min.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/ 10 KB
3 KB 183ms
179ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/jquery.fluidbox.min.js?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b3598d370d1870a8ec0373d2ff34f4efde21e83e3848fb7af2da622111fe9dac

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/fluidbox/jquery.fluidbox.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-27f4"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fluidbox-init.js Show response
1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/ 164 B
318 B 188ms
185ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/fluidbox-init.js?ver=1.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79981d081a217c93ec2be4c29e0f6f43c2873f9ab3c313dce9c8a549b3a5f050

Request headers

:path: /wp-content/themes/bonneville-music/assets/js/fluidbox/fluidbox-init.js?ver=1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: W/"5f6cd326-a4"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
1035thearrow.com/wp-includes/js/ 1 KB
947 B 188ms
185ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-includes/js/wp-embed.min.js?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.5.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
last-modified: Fri, 05 Feb 2021 03:06:34 GMT
server: nginx
etag: W/"601cb63a-592"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 744ms
250ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9f5ecca3e469c709ac793efe7ebec0c218427a1be41f6ec9a0da01be7d440b

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cf-ray: 66d72fa6495d0ffa-MRS
date: Mon, 12 Jul 2021 03:29:15 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 05 Jul 2021 07:59:21 GMT
server: cloudflare
age: 11028
etag: W/"d91-5c65baed51ebc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 12 Jul 2021 01:25:27 GMT

GET
H2 200 9be6417f-52a1-4899-9ac3-33d2e7d35710.json Show response
cookie-cdn.cookiepro.com/consent/9be6417f-52a1-4899-9ac3-33d2e7d35710/ 2 KB
1 KB 69ms
56ms XHR
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/9be6417f-52a1-4899-9ac3-33d2e7d35710/9be6417f-52a1-4899-9ac3-33d2e7d35710.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eceb798154047577dccc1bbe0f904101c405433eb8e782cf4846b8f3f7da2513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:13 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
content-md5: vObAxMbB2M1g3VOKhtM6kA==
x-ms-lease-status: unlocked
last-modified: Tue, 01 Sep 2020 16:32:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5df727d5-101e-0098-3780-38182c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 66d72f9cdd3d4dbe-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3816b4568ed38a9c2f07971deeeb2a2a0170ebe354f97045681bab791d974f1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: aNTJL+zFht5XrpRurtKukw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: ImCnQKQS7WdcSoc7jMmuJrRXnk14zA7H0O7NQWvhfmQ+W7vSje89GwESnuk7a61VbCdbbHbS6xnh1APbSSZGsg==
x-fb-trip-id: 917726464
x-fb-content-md5: 295bb01ab04b6668e40df06a69887dc2
x-frame-options: DENY
date: Mon, 12 Jul 2021 03:29:14 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "122e761202044fee71b27dfb00ca5f73"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 12 Jul 2021 03:33:15 GMT

GET
H2 200 wp-emoji-release.min.js Show response
1035thearrow.com/wp-includes/js/ 14 KB
5 KB 234ms
234ms Script
application/javascript 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.5.5
pragma: no-cache
cookie: _gid=GA1.2.2116101100.1626060555; _gat_UA-58886804-3=1; __gads=ID=d295df55322b0d5e-220f5f7c6ac900b3:T=1626060554:RT=1626060554:S=ALNI_MYmFPoOHB-lm-ehdTzH5W21VkJGng; sdk_cid=8e800a6a-ab94-496e-e9fb-334e642123b7; _ga=GA1.2.8e800a6a-ab94-496e-e9fb-334e642123b7; OptanonConsent=isIABGlobal=false&datestamp=Mon+Jul+12+2021+05%3A29%3A15+GMT%2B0200+(Central+European+Summer+Time)&version=6.5.0&hosts=&consentId=0513b08b-abd1-4c7e-b8f4-d729d29bcccb&interactionCount=0&landingPath=https%3A%2F%2F1035thearrow.com%2F&groups=C0003%3A1%2CC0001%3A1%2CC0002%3A1%2CC0004%3A1%2CBG15%3A1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: br
last-modified: Fri, 05 Feb 2021 03:06:34 GMT
server: nginx
etag: W/"601cb63a-3795"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.5.0/ 325 KB
58 KB 25ms
24ms Script
application/javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: AvbD4VHYe4H/QnyU6j8v5w==
age: 2750118
x-ms-lease-status: unlocked
last-modified: Fri, 21 Aug 2020 01:45:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e083e8ae-f01e-005b-28ca-5d0176000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 66d72fa23d862b65-FRA
expires: Tue, 20 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 20 KB
1 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 02:35:24 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 8 KB
632 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Playfair+Display:400,400italic,700,700italic,900,900italic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0dd7352b83bc2ae48a255ffabf8f167a8d2c52a7dca9c2669d5d9456154fc3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:29:14 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 7 KB
579 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,100,100italic,300,300italic,400italic,700,700italic,900,900italic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 02:09:15 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 3 KB
579 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 02:24:51 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 5 KB
615 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif:400,400italic,700italic,700

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:29:14 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 712 B
319 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Mate:400,400italic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c2af8277c62809e12050697a0f92dec885ff5a00ca91f15819ae5e7345a588c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:21:36 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 20 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,100,300,100italic,400italic,300italic,700,500italic,500,700italic

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/plugins/click-to-tweet/css/ctt-module-design.css?ver=5.5.5

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:29:14 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 pubads_impl_2021070101.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 114ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Jul 2021 08:37:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117092
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 86 KB
34 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NKRRSL

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e584a2301736fc4ea27cfae5cb5e292188654c9aeade91e2a0cf44304e9260c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34420
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 fontawesome-webfont.woff2
1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/fonts/ 75 KB
76 KB 186ms
185ms Font
font/woff2 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=1.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

:path: /wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
origin: https://1035thearrow.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: 1035thearrow.com
referer: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=1.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://1035thearrow.com
Referer: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/css/font-awesome-4.7.0/css/font-awesome.min.css?ver=1.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Thu, 24 Sep 2020 17:11:02 GMT
server: nginx
etag: "5f6cd326-12d68"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 77160

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v4/ 22 KB
22 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v4/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Manrope%3A400%2C600%2C800&display=swap&ver=5.5.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41d60f8ac48aafcddd891ddebb318735c5684c4d8c8971f2a236233f89fc3be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://1035thearrow.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 18:31:15 GMT
x-content-type-options: nosniff
age: 550679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22788
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:57:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 18:31:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 14ms
13ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=1035thearrow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 20ms
18ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1035thearrow.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 74 KB
18 KB 834ms
797ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2219664460032670&correlator=312984415034365&output=ldjh&impl=fifs&vrg=2021070101&ptt=17&sc=1&sfv=1-0-38&ecs=20210712&iu_parts=21740664820%2CKRSP%2Ckrsp_top_leaderboard%2Ckrsp_bottom_leaderboard&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=970x250%7C970x90%7C728x90%7C1x1%2C970x250%7C970x90%7C728x90%7C1x1&cust_params=PostID%3D12%26CategoryID%3D1%26PostType%3Dpage%26PageURL%3D%252F%26Platform%3Dwebsite%26PodcastShowID%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1626060554&dt=1626060554624&dlt=1626060553668&idt=864&frm=20&biw=1600&bih=1200&oid=3&adxs=270%2C-9&adys=372%2C-9&adks=690421147%2C2070533641&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2F1035thearrow.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1310x0%7C0x-1&msz=1310x0%7C0x-1&ga_vid=1877901610.1626060555&ga_sid=1626060555&ga_hid=1286785474&ga_fc=false&fws=4%2C2&ohw=1310%2C0&btvi=0%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

51c0c1c886fd2b1d25a5cee83b3c0286c42901ef45e5fd64637d287abfec843a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18755
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://1035thearrow.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 480C 6 KB
3 KB 40ms
13ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 03:29:14 GMT
expires: Tue, 12 Jul 2022 03:29:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 228 KB
66 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7872590da759c743da2354213cbddaa4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11c5f7bfd5603bea1b10d69db9f5aa12a04a0789d54a37a70028fa7ffdee36d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://1035thearrow.com
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: foOKQq0D8usZBwKixZbTIg==
cross-origin-resource-policy: cross-origin
expires: Tue, 12 Jul 2022 02:40:49 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67901
x-fb-rlafr: 0
x-fb-debug: 6G3zqVmGF6W3mAaClyJsLmF99olajd06Px4S3QkWGgD5Mjw87ZuzlbvwpwxKeoceClpJubWbmlHLJTnZUD5kqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
x-fb-content-md5: ca5e51e975242f196f352e0259c2a4b6
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 12 Jul 2021 03:29:14 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ad8c6799e56777ae785122ae80d4eb03"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 240 KB
89 KB 56ms
54ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1759096139983112&plah=1035thearrow.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1323ea97b967b704490ad5dcbb0a32fbdf8f2af9a0fa2aafe39e1d2b0446ea1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91203
x-xss-protection: 0
server: cafe
etag: 1105565802238840608
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame AA8E 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210701/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 11 Jul 2021 22:29:07 GMT
expires: Sun, 25 Jul 2021 22:29:07 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 18007
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/9be6417f-52a1-4899-9ac3-33d2e7d35710/203a4fa3-a42e-4ca5-a0ff-8e699568899c/ 40 KB
10 KB 45ms
44ms Fetch
application/x-javascript 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/9be6417f-52a1-4899-9ac3-33d2e7d35710/203a4fa3-a42e-4ca5-a0ff-8e699568899c/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1e8eaacca666f82580c25b1c584eaeb3c6847e62a3dc9238ef8ec8623044025

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
content-md5: Lj2JqeGeZ7+JGQJgRJ07+Q==
x-ms-lease-status: unlocked
last-modified: Tue, 01 Sep 2020 16:32:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 33e1b624-401e-003c-0a80-38118a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 66d72fa37f024dbe-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NKRRSL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6314
date: Mon, 12 Jul 2021 01:44:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Mon, 12 Jul 2021 03:44:00 GMT

GET
H2 200 assistantLoader.latest.js Show response
assistant.woorank.com/hydra/ 8 KB
4 KB 102ms
29ms Script
application/javascript 13.224.99.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assistant.woorank.com/hydra/assistantLoader.latest.js
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.99.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-99-124.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af69362332b719fa71bae4ae2376efb88b647187e06d422353c8470c03b10c3c

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 13:36:54 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 13:40:16 GMT
server: AmazonS3
age: 49974
etag: W/"e9665303b45203f0eae0ff72ff678ad9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 6Q2XtwDaCrUdZ3xSy4dYLWHVPoGZkR85mb5v9G4b2WY-FSwNOJe1FA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
411 B 41ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1035thearrow.com&callback=_gfp_s_&client=ca-pub-1759096139983112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1759096139983112&plah=1035thearrow.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

89def23e3b0e2711a0c74d2af006a0fa8358c26997f0db5f76576f1d4c437c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 195
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
37ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1035thearrow.com%2F&tn=DIV&cls=now_playing&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
36ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1035thearrow.com%2F&tn=DIV&id=top&cls=top%20shadow&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.cz/adsid/ 107 B
853 B 44ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.cz/adsid/integrator.js?domain=1035thearrow.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
24ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1035thearrow.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D42 0
19 B 73ms
71ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1759096139983112&output=html&adk=1812271804&adf=3025194257&lmt=1626060554&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1035thearrow.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626060554682&bpp=7&bdt=1014&idt=175&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5345915908965&frm=20&pv=2&ga_vid=1877901610.1626060555&ga_sid=1626060555&ga_hid=1286785474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060973%2C31061745&oid=3&pvsid=2219664460032670&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=214

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1759096139983112&output=html&adk=1812271804&adf=3025194257&lmt=1626060554&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F1035thearrow.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626060554682&bpp=7&bdt=1014&idt=175&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5345915908965&frm=20&pv=2&ga_vid=1877901610.1626060555&ga_sid=1626060555&ga_hid=1286785474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060972%2C31060973%2C31061745&oid=3&pvsid=2219664460032670&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=214
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 12 Jul 2021 03:29:14 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 12-Jul-2021 03:44:14 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 12 Jul 2021 03:29:14 GMT
cache-control: private

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 50ms
36ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830134516437"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27897
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2581567752070651&ev=fb_page_view&dl=https%3A%2F%2F1035thearrow.com%2F&rl=&if=false&ts=1626060554911&sw=1600&sh=1200&at=

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 12 Jul 2021 03:29:14 GMT

GET
H2 200 otFloatingRounded.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.5.0/assets/ 9 KB
3 KB 14ms
13ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/assets/otFloatingRounded.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f846ed36309bfe9664d9d9c91b159a914661d08a0322d2ac651f0c48f16437c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: qzadLsO8xE8H+QwYiWrp0g==
age: 2066401
x-ms-lease-status: unlocked
last-modified: Fri, 21 Aug 2020 01:45:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 9d56c133-e01e-0057-2002-64967e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 66d72fa468644dbe-FRA
expires: Tue, 20 Jul 2021 03:29:14 GMT

GET
H2 200 otPcCenter.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.5.0/assets/ 61 KB
15 KB 17ms
16ms Fetch
application/json 2606:4700::6812:678
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/assets/otPcCenter.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.5.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:678 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Jul 2021 03:29:14 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: ebGLXbyX4UjJx8DgFc7F7g==
age: 2722232
x-ms-lease-status: unlocked
last-modified: Fri, 21 Aug 2020 01:45:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 83242264-301e-009f-580b-5e744f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
cf-ray: 66d72fa468664dbe-FRA
expires: Tue, 20 Jul 2021 03:29:14 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1286785474&t=pageview&_s=1&dl=https%3A%2F%2F1035thearrow.com%2F&ul=en-us&de=UTF-8&dt=103.5%20The%20Arrow%20-%20Utah%27s%20Classic%20Rock&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1211037300&gjid=1083336957&cid=1877901610.1626060555&tid=UA-58886804-3&_gid=2116101100.1626060555&_r=1&gtm=2wg770NKRRSL&z=1890719743

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1035thearrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 check Show response
www.woorank.com/en/onpage-assistant/ 23 B
304 B 370ms
123ms Fetch
application/json 34.194.181.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woorank.com/en/onpage-assistant/check?url=https%3A%2F%2F1035thearrow.com%2F&pubkey=a744c6c1fb5431e7b05e9350073752b7

Requested by

Host: assistant.woorank.com
URL: https://assistant.woorank.com/hydra/assistantLoader.latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.194.181.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-181-37.compute-1.amazonaws.com

Software

Resource Hash

8a50a348d2e8dcbf6778fe369438fca5fe0a98b849dc33b647f19d37846bfe49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	Deny

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
x-frame-options: Deny
etag: W/"17-iSi1CVbiK8G/vT79W7/rTAJx4EE"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1035thearrow.com
access-control-allow-credentials: true
strict-transport-security: max-age=15768000; includeSubDomains
content-length: 23

OPTIONS
H2 204 check
www.woorank.com/en/onpage-assistant/ Frame 0
0 396ms
141ms Preflight 34.194.181.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.woorank.com/en/onpage-assistant/check?url=https%3A%2F%2F1035thearrow.com%2F&pubkey=a744c6c1fb5431e7b05e9350073752b7

Protocol

Server

34.194.181.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-194-181-37.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	Deny

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://1035thearrow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

x-frame-options: Deny
access-control-allow-origin: https://1035thearrow.com
vary: Origin, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
content-length: 0
date: Mon, 12 Jul 2021 03:29:15 GMT
strict-transport-security: max-age=15768000; includeSubDomains

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-58886804-3&cid=1877901610.1626060555&jid=1211037300&gjid=1083336957&_gid=2116101100.1626060555&_u=YAhAAAAAAAAAAC~&z=34809109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 12 Jul 2021 03:29:14 GMT
content-type: text/plain
access-control-allow-origin: https://1035thearrow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-58886804-3&cid=1877901610.1626060555&jid=1211037300&_u=YAhAAAAAAAAAAC~&z=438364849

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-58886804-3&cid=1877901610.1626060555&jid=1211037300&_u=YAhAAAAAAAAAAC~&z=438364849

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 339 KB
116 KB 20ms
13ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: sdk.listenlive.co
URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js?ver=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

637ddea341484e7a10cbf236109d751e940954fe905e1da470698fc9a771f421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118860
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:15 GMT

GET
H/1.1 200
OK nowplaying Show response
np.tritondigital.com/public/ 438 B
668 B 468ms
149ms XHR
text/xml 208.92.55.20
TRITONDIGITAL

General

Check archive.org

Show headers Download Go to

Full URL: https://np.tritondigital.com/public/nowplaying?mountName=KRSPFMAAC&numberToFetch=1&eventType=track&request.preventCache=1626060555135
Requested by: Host: sdk.listenlive.co
URL: https://sdk.listenlive.co/web/2.9/td-sdk.min.js?ver=1.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.92.55.20 , Canada, ASN13360 (TRITONDIGITAL, CA),
Reverse DNS
Software: nginx /
Resource Hash: 67bc55fcc2e934891d4d09d03c84b8c54e86bf0cd70ced02e1ef52ca7be8c4bc

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Jul 2021 03:29:15 GMT
Server: nginx
Connection: keep-alive
X-Cache-Status: EXPIRED
Transfer-Encoding: chunked
Content-Type: text/xml;charset=utf-8

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ 588 KB
188 KB 253ms
252ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa811ff2834d53f32832c8b70d7df7208264e144629487bbd91179ca13a5eca

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cf-ray: 66d72fa7ea3a0ffa-MRS
date: Mon, 12 Jul 2021 03:29:15 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 09:46:40 GMT
server: cloudflare
age: 10964
etag: W/"9312d-5c5f89970a902"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 11 Aug 2021 00:26:31 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 container.html Show response
b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA58 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 03:29:14 GMT
expires: Tue, 12 Jul 2022 03:29:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9FD 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021070101.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 12 Jul 2021 03:29:14 GMT
expires: Tue, 12 Jul 2022 03:29:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CA58 0
0 46ms
45ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv9eFCrfrYPr3K6HI7_UPx7aR4ATEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi01NjEwNjI1MDY0NTM0NzY5yAEJqQJrMCzaam-FPuACAKgDAaoE4gFP0B6rNsahGK400RVzjzp4E6lidv4QXzMnL-2vd2tzpIqr8rQ7iXrvpPWOi5glZRGZahf-z1iKgd-gePfUlkPUXT0LNH7oAkLMoGpgFzO44-APH6C-YyxLxkq_iLi6mgKcUC5DsU2n_7zQdCj933709scOfCTKBf-Od_FmFcZKRiFh2Ao-8-swKLAmK2YSdSbMbPLXRrRCQLFIOvYXyzlQzwCtu02oEeJtTiTVnUaKBcd-GqJL8i0qA0OrfP4FLQEsf17PqpL3uuwSJLLGiA1xkFODv83gCDlCQPKsoLhD-j8M4AQBgAag8Ny5h4jZsNoBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTkxODQyMzIxNTI2MjU2MzGACgP6CwIIAYAMAdAVAYAXAbIXGAoWEhRwdWItNTYxMDYyNTA2NDUzNDc2OQ&sigh=Zrz9jeVm1W8
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame CA58 2 KB
2 KB 135ms
44ms Script
text/javascript 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=47167845;rtbwp=YOu3CgAK-_oIu-QhAARbR0xSixtadkbOf9afzA;rtbdata=213YhU2VLU1K4c0GnxTAZ3KRmBIJHqgohKqBfwgLi3vrsb_HIO8wD_Q3DyFEAUP2WJRiVh6CCECFKcVF-1D6DA6SBWzFk3BOnTeiBM1KEV-gQJI3lauKAwsuw_cVPsTNb2VVWnC1VQI1MCSOH_hYR6IttUlkfNptXCkrxIazT7CXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CTnPoCrfrYPr3K6HI7_UPx7aR4ATEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi01NjEwNjI1MDY0NTM0NzY5yAEJqQJrMCzaam-FPuACAKgDAaoE5QFP0B6rNsahGK400RVzjzp4E6lidv4QXzMnL-2vd2tzpIqr8rQ7iXrvpPWOi5glZRGZahf-z1iKgd-gePfUlkPUXT0LNH7oAkLMoGpgFzO44-APH6C-YyxLxkq_iLi6mgKcUC5DsU2n_7zQdCj933709scOfCTKBf-Od_FmFcZKRiFh2Ao-8-swKLAmK2YSdSbMbPLXRrRCQLFIOvYXyzlQzwCtu02oEeJtTiTVnUaKBcd-GqJL8i0qA0OrfP4FLQEsf17PqpL3uuwSJLLGiA1x0lGOLXgy03GOm6R-c7-WATIYYbpn4AQBgAag8Ny5h4jZsNoBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTkxODQyMzIxNTI2MjU2MzH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3rSHcjndAHEwwCoEKHrHSyslFEzQ&client=ca-pub-5610625064534769&adurl=

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b73890f71b648a0368d336c36d5b7f1a999cecf66610f680779976122469c61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1709
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame CA58 3 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 03:28:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA58 123 KB
37 KB 42ms
41ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:15 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame CA58 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:16:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 03:16:33 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame CA58 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvl--qXeQrT-LWHyNA8GC3sNy-tPiNSGvsLQq6XCWVuA-z4hUMmVqXCuEm5FAoUJIJs5pNnAeLcl3sFXlltBivFjfz5Q
Requested by: Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CA58 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Thu, 08 Jul 2021 12:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314685
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Jul 2022 12:04:30 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame B9FD 4 KB
621 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 01:44:27 GMT
server: ESF
date: Mon, 12 Jul 2021 03:29:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 03:29:15 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame B9FD 1 KB
991 B 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 00:38:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
server: cafe
etag: 11243716317595354070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 00:38:37 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B9FD 0
0 44ms
41ms Fetch
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcpblCrfrYPv3K6HI7_UPx7aR4ASC3I3YY9m7wOXbDGQQASDQjJguYMzh7YH8LqABk_u_5gPIAQmpAn0Bh1dYwWg-4AIAqAMByAObBKoE5QFP0HYyThywFH6pC9yMVaI5Xn8nJOwjwfqkqa1ILZGmWtMF_VWyINmvdGa5qRLCGqpxYGepUFASvpJrYOvqyC1ony5Jc-_CMQRR_6iPSBvGgfg5sfd7mFUmTsal4jDBsMWFQO28AgOVnQDk23CkmWE5672CsoUOhysnZeAkCaFeqNC9qxaMADDR8C9vz8-4c2MvA-iuRMaTpzygyrV7q83UfUURaj9hTSVvr-KUiK6oyU3aWaQkSKBQyBhhlaRdtk9czm8PT35V9Vzo3Y-xKrl7PJLSpCv2SiYWzHE1tEHOoFThPV33wASc4uqNmQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH1YTAGagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTE4NDIzMjE1MjYyNTYzMYAKA8gLAZgM0PLSuJoDuBODBNgTDogUBNAVAZgWAYAXAbIXGgoYCAASFHB1Yi01NjEwNjI1MDY0NTM0NzY5&sigh=kfuvDXJMQ0k&template_id=515
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/ Frame B9FD 17 KB
7 KB 26ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/abg_lite_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:19:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7112
x-xss-protection: 0
server: cafe
etag: 12276874145846594193
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 03:19:38 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame B9FD 3 KB
1 KB 32ms
24ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/window_focus_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 03:27:54 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9FD 123 KB
37 KB 43ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1625830140585725"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37948
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/ Frame B9FD 14 KB
6 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210701/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:27:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 17140096307539089235
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Jul 2021 03:27:37 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame B9FD 0
0 24ms
20ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS5Y46Hk8Gu8h4chv4LOwmJX_yF8wEzQZJShVD0-7WDY3l69rgg9_CwYDt_Ls8pBMmN-aWDZTUAHBqHmolSLTWK7I2xuQ
Requested by: Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

GET
H2 200 a419caddb94ba229832f3cb0e96cc3a1.js Show response
www.gstatic.com/mysidia/ Frame B9FD 26 KB
11 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a419caddb94ba229832f3cb0e96cc3a1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 08:12:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 01:32:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 09 Oct 2021 08:12:32 GMT

GET
H3-29 200 4459364826210966291
tpc.googlesyndication.com/simgad/ Frame B9FD 6 KB
6 KB 28ms
22ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4459364826210966291?w=100&h=100

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82192b1513a85d07adeb0995095ee5503e42c8adfa339433e70ad1402f8d8172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Fri, 09 Jul 2021 15:03:51 GMT
x-content-type-options: nosniff
age: 217524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5649
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 08:31:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Jul 2022 15:03:51 GMT

GET
H2 200 data=rIZ-QlggI1rCsOxgv-nEVj6P05wD-s75ZpIsZs080CXsw7d5EWM_R_YgaiPXighRhR14T2o2fHEezYwI_yjjkA
mts0.google.com/vt/ Frame B9FD 60 KB
60 KB 155ms
116ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=rIZ-QlggI1rCsOxgv-nEVj6P05wD-s75ZpIsZs080CXsw7d5EWM_R_YgaiPXighRhR14T2o2fHEezYwI_yjjkA

Requested by

Host: b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
URL: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

paintfe /

Resource Hash

0a29ee552cc58965915d0745ed088a462259310fa4f7a75af1ddbc35dae30836

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:15 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61309
x-xss-protection: 0
x-server-version-bin: CggIBBCvrZWHBg==
server: paintfe
etag: 04ced473eddf6ddc8
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Mon, 12 Jul 2021 04:29:15 GMT

POST
H2 200 get_art.php Show response
songdata.bonneville.com/fetchv2/ 94 B
503 B 621ms
433ms XHR
text/html 2600:9000:2190:da00:1:3a48:ffc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://songdata.bonneville.com/fetchv2/get_art.php

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:da00:1:3a48:ffc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache / PHP/7.3.15

Resource Hash

d840cd2fe96fad02cc12a9eabd96563165d43f2ddc9b632e6584355652c25b19

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: ZRH50-C1
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.15
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache
x-mod-pagespeed: 1.13.35.2-0
content-length: 107
via: 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
x-amz-cf-id: zOgjSmG-GLW9LVoNMmrBjjDXrhlLYa0Tsa-vXvEvzAZ3MNjE87j1aA==

GET
H2 200 KRSP_APP_SQUARE.png
1035thearrow.com/wp-content/plugins/bonneville-logos-manager/logos/ 285 KB
285 KB 178ms
175ms Image
image/png 35.203.160.220
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1035thearrow.com/wp-content/plugins/bonneville-logos-manager/logos/KRSP_APP_SQUARE.png
Requested by: Host: 1035thearrow.com
URL: https://1035thearrow.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.160.220 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 220.160.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 09c4df1a5b577c7410306bfd3ed2e2619f3c620398f980380a5512d39e54c8fd

Request headers

:path: /wp-content/plugins/bonneville-logos-manager/logos/KRSP_APP_SQUARE.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: 1035thearrow.com
referer: https://1035thearrow.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
last-modified: Wed, 03 Feb 2021 20:55:37 GMT
server: nginx
etag: "601b0dc9-47239"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 291385

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame CA58 33 KB
16 KB 121ms
36ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=47167845;rtbwp=YOu3CgAK-_oIu-QhAARbR0xSixtadkbOf9afzA;rtbdata=213YhU2VLU1K4c0GnxTAZ3KRmBIJHqgohKqBfwgLi3vrsb_HIO8wD_Q3DyFEAUP2WJRiVh6CCECFKcVF-1D6DA6SBWzFk3BOnTeiBM1KEV-gQJI3lauKAwsuw_cVPsTNb2VVWnC1VQI1MCSOH_hYR6IttUlkfNptXCkrxIazT7CXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CTnPoCrfrYPr3K6HI7_UPx7aR4ATEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi01NjEwNjI1MDY0NTM0NzY5yAEJqQJrMCzaam-FPuACAKgDAaoE5QFP0B6rNsahGK400RVzjzp4E6lidv4QXzMnL-2vd2tzpIqr8rQ7iXrvpPWOi5glZRGZahf-z1iKgd-gePfUlkPUXT0LNH7oAkLMoGpgFzO44-APH6C-YyxLxkq_iLi6mgKcUC5DsU2n_7zQdCj933709scOfCTKBf-Od_FmFcZKRiFh2Ao-8-swKLAmK2YSdSbMbPLXRrRCQLFIOvYXyzlQzwCtu02oEeJtTiTVnUaKBcd-GqJL8i0qA0OrfP4FLQEsf17PqpL3uuwSJLLGiA1x0lGOLXgy03GOm6R-c7-WATIYYbpn4AQBgAag8Ny5h4jZsNoBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTkxODQyMzIxNTI2MjU2MzH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3rSHcjndAHEwwCoEKHrHSyslFEzQ&client=ca-pub-5610625064534769&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Jul 2021 07:07:01 GMT

GET
H2 200 pbice.js Show response
resources.infolinks.com/js/pbice/3.012/ 253 KB
80 KB 256ms
254ms Script
application/javascript 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/pbice/3.012/pbice.js
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

cf-ray: 66d72faeed040ffa-MRS
date: Mon, 12 Jul 2021 03:29:16 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 25 Feb 2021 13:31:34 GMT
server: cloudflare
age: 11018
etag: W/"3f394-5bc292b988e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Wed, 11 Aug 2021 00:25:38 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 6E94 8 KB
2 KB 439ms
438ms Document
text/html 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8ddfc5b8da37767c6ae1b6e1201b571b0d497a9beb31b7fb9a243fce63d2b2

Request headers

:method: GET
:authority: router.infolinks.com
:scheme: https
:path: /usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store
p3p: CP="NON DSP NID OUR COR"
via: 1.1 google
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 66d72faf2d230ffa-MRS
content-encoding: gzip

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
37 B 442ms
442ms Script
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3314865&wsid=1
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 66d72faf4d280ffa-MRS
content-length: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9FD 0
0 18ms
17ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=eos&id=eos-base&v=20210709&bin=7&avms=ns&bs=0,0&if=1&app=0&itpl=22&adk=2070533641&rs=4&cr=0&vs=0&eosm=3&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B9FD 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edfb91d9fc883cf9fa25060c03f89baac30f06a79ce837ce57d76637ff7f753e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9FD 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sat, 10 Jul 2021 20:14:24 GMT
x-content-type-options: nosniff
age: 112492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Jul 2022 20:14:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9FD 11 KB
12 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 05 Jul 2021 21:42:00 GMT
x-content-type-options: nosniff
age: 539236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:42 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Jul 2022 21:42:00 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9FD 15 KB
15 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 506218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v27/ Frame B9FD 12 KB
12 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 00:14:56 GMT
x-content-type-options: nosniff
age: 530060
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:33 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 00:14:56 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame CA58 7 KB
3 KB 47ms
47ms Script
text/javascript 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=47167845;rtbwp=YOu3CgAK-_oIu-QhAARbR0xSixtadkbOf9afzA;rtbdata=213YhU2VLU1K4c0GnxTAZ3KRmBIJHqgohKqBfwgLi3vrsb_HIO8wD_Q3DyFEAUP2WJRiVh6CCECFKcVF-1D6DA6SBWzFk3BOnTeiBM1KEV-gQJI3lauKAwsuw_cVPsTNb2VVWnC1VQI1MCSOH_hYR6IttUlkfNptXCkrxIazT7CXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=CTnPoCrfrYPr3K6HI7_UPx7aR4ATEs6CUXL7QuIXlAsCNtwEQASAAYMzh7YH8LoIBF2NhLXB1Yi01NjEwNjI1MDY0NTM0NzY5yAEJqQJrMCzaam-FPuACAKgDAaoE5QFP0B6rNsahGK400RVzjzp4E6lidv4QXzMnL-2vd2tzpIqr8rQ7iXrvpPWOi5glZRGZahf-z1iKgd-gePfUlkPUXT0LNH7oAkLMoGpgFzO44-APH6C-YyxLxkq_iLi6mgKcUC5DsU2n_7zQdCj933709scOfCTKBf-Od_FmFcZKRiFh2Ao-8-swKLAmK2YSdSbMbPLXRrRCQLFIOvYXyzlQzwCtu02oEeJtTiTVnUaKBcd-GqJL8i0qA0OrfP4FLQEsf17PqpL3uuwSJLLGiA1x0lGOLXgy03GOm6R-c7-WATIYYbpn4AQBgAag8Ny5h4jZsNoBoAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG9gHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTkxODQyMzIxNTI2MjU2MzH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_3rSHcjndAHEwwCoEKHrHSyslFEzQ&client=ca-pub-5610625064534769&adurl=;js=1;adfxid=1x;6394;set=en-US|en-US|1600X1200|0|950|200|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2F1035thearrow.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

b6e1973f2a6f724357fcc7b6108de6f19f57cf5e510d22131c512c28f9b04294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:16 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3157
expires: -1

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA58 0
0 23ms
22ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=eos&id=eos-base&v=20210709&bin=7&avms=ns&bs=0,0&if=1&app=0&itpl=20&adk=690421147&rs=4&cr=0&vs=0&eosm=3&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CA58 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9655e050ff5fe4a31c0aa3e8695954884fb1dca1c08a7dcf1860bdb03ffbe73

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame CA58 84 KB
36 KB 47ms
46ms Script
text/javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.207/e/igSBggDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
content-encoding: gzip
last-modified: Thu, 10 Jun 2021 12:36:46 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Tue, 13 Jul 2021 06:20:37 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame CA58 35 B
503 B 43ms
43ms Ping
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=47167845&csi=Lwh1TmY0O4nx9ayXNKM7n5VrbYtdkYCowv6iwuZFjOPbNUjYKkRX5sYiFjWoUfpWrS2EAm3_-DIjefDb587ccLQ8JIJob1sX0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:16 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 46070484.png
s1.adform.net/Banners/46070484/ Frame CA58 39 KB
40 KB 41ms
40ms Image
image/png 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/46070484/46070484.png?bv=2

Requested by

Host: 1035thearrow.com
URL: https://1035thearrow.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

924a8ef38d6527e75ba3157ec2c5110cd291e94741551f12954320cc36b319e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:16 GMT
last-modified: Wed, 23 Jun 2021 13:09:59 GMT
server: nginx
etag: "60d332a7-9cef"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 40175

GET
H2 200 / Show response
de.tynt.com/deb/ Frame CD41 75 B
289 B 399ms
132ms Document
text/html 208.100.17.181
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip181.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

:method: GET
:authority: de.tynt.com
:scheme: https
:path: /deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

cache-control: max-age=86400
expires: Tue, 13 Jul 2021 03:29:17 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Mon, 12 Jul 2021 03:29:16 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame CC3C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

2 KB
3 KB

55ms
54ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 78b433ea237cfb9e00f5082f486572b6af916373fc371841bdaa83c091c99e69

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://router.infolinks.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YOu3DRJrHQvq8A6rkbJmOgAA; CMPS=5179
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|45|230|64|221|206|111
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1787
Expires: Mon, 12 Jul 2021 03:29:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Connection: keep-alive
Set-Cookie: CMID=YOu3DRJrHQvq8A6rkbJmOgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Jul 2022 03:29:17 GMT CMPS=5179;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Oct 2021 03:29:17 GMT CMPRO=1185;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Oct 2021 03:29:17 GMT CMST=YOu3DWDrtw0A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 13 Jul 2021 03:29:17 GMT CMRUM3=2d60ebb70d05a0&f160ebb70d05a0&6f60ebb70d05a0&4060ebb70d05a0&e660ebb70d2760&2760ebb70d0b40&dd60ebb70d2760&ce60ebb70d05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Jul 2022 03:29:17 GMT

Redirect headers

Server: Apache
Content-Length: 311
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 12 Jul 2021 03:29:17 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Connection: keep-alive
Set-Cookie: CMID=YOu3DRJrHQvq8A6rkbJmOgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Jul 2022 03:29:17 GMT CMPS=5179;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 10 Oct 2021 03:29:17 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 7F18 2 KB
823 B 84ms
26ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=598ce3ddaee8c90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://router.infolinks.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://router.infolinks.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI1RDIwQTYtNjkzOC00NjE4LTg3NjYtN0E4RTQ3RjVDQTM5&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI1RDIwQTYtNjkzOC00NjE4LTg3NjYtN0E4RTQ3RjVDQTM5&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC422CF0F-3CA9-490F-BA81-72CAD3CD5907
https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907

0
237 B

354ms
347ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 66d72fb74ff90ffa-MRS
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907
date: Sun, 11 Jul 2021 23:28:05 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

apn-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
https://router.infolinks.com/dyn/apn-usync?user_id=7603292377863356613

35 B
278 B

347ms
346ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/apn-usync?user_id=7603292377863356613
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb30e9e0ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
X-Proxy-Origin: 217.138.199.52; 217.138.199.52; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 63351ca3-9ec7-43aa-975e-b3f7b77da244
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://router.infolinks.com/dyn/apn-usync?user_id=7603292377863356613
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

VR-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://ups.analytics.yahoo.com/ups/58422/occ
https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
https://router.infolinks.com/dyn/VR-usync?uid=y-FLF5989E2uFoNotuDBm__bD427Zjaciuf9vPDtg-~A

35 B
209 B

351ms
350ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/VR-usync?uid=y-FLF5989E2uFoNotuDBm__bD427Zjaciuf9vPDtg-~A
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb33ea90ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/VR-usync?uid=y-FLF5989E2uFoNotuDBm__bD427Zjaciuf9vPDtg-~A
Connection: keep-alive
Content-Length: 0

GET
H2

200

r1-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://sync.1rx.io/usersync2/infolinks
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2106363526
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2106363526
https://sync.1rx.io/usersync/tradedesk/ef6f2f96-bd01-48b7-9624-d4acac3d1644
https://sync.targeting.unrulymedia.com/csync/RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003
https://router.infolinks.com/dyn/r1-usync?uid=RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003

35 B
205 B

378ms
345ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/r1-usync?uid=RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb5df6b0ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

location: https://router.infolinks.com/dyn/r1-usync?uid=RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003
date: Mon, 12 Jul 2021 03:29:17 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe691e742d38e414db8f4d54c6fc388fc003
content-type: text/html

GET
H2

200

zmn-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
https://router.infolinks.com/dyn/zmn-usync?uid=

35 B
177 B

351ms
350ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zmn-usync?uid=
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb53f410ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zmn-usync?uid=
Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 70
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 6E94 0
478 B 180ms
41ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame 6E94
Redirect Chain

https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252F1035thearrow.com%252F&pid=12306&adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252F1035thearrow.com%25252F%26pid%3D12306%26adnxs_uid%3D%24UID
https://s.cpx.to/ca.png?ref=https%3A%2F%2F1035thearrow.com%2F&pid=12306&adnxs_uid=7603292377863356613

95 B
945 B

225ms
56ms

Image
image/png

52.19.63.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.cpx.to/ca.png?ref=https%3A%2F%2F1035thearrow.com%2F&pid=12306&adnxs_uid=7603292377863356613

Requested by

Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.63.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Content-Security-Policy: default-src 'self'
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Date: Mon, 12 Jul 2021 03:29:17 GMT
X-Frame-Options: sameorigin
Connection: keep-alive
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Content-Length: 95
Expires: Mon, 12 Jul 2021 03:29:17 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
X-Proxy-Origin: 217.138.199.52; 217.138.199.52; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f9ce966f-58fe-4e13-be57-07a6632d653a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.cpx.to/ca.png?ref=https%3A%2F%2F1035thearrow.com%2F&pid=12306&adnxs_uid=7603292377863356613
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 6E94 42 B
233 B 383ms
122ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

outh-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP565e2d6b-e2c1-11eb-a39b-06f09cce428e
https://router.infolinks.com/dyn/outh-usync?uid=y-UsEbFkBE2uGh5KXYRXlKZgb4kGKKL3Il~A~UP565e2d6b-e2c1-11eb-a39b-06f09cce428e

35 B
236 B

345ms
345ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/outh-usync?uid=y-UsEbFkBE2uGh5KXYRXlKZgb4kGKKL3Il~A~UP565e2d6b-e2c1-11eb-a39b-06f09cce428e
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb37eb70ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://router.infolinks.com/dyn/outh-usync?uid=y-UsEbFkBE2uGh5KXYRXlKZgb4kGKKL3Il~A~UP565e2d6b-e2c1-11eb-a39b-06f09cce428e
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK usersync
match.bnmla.com/ Frame 6E94 0
114 B 422ms
137ms Image
text/plain 38.27.122.101
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.101 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

sovrn-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true
https://router.infolinks.com/dyn/sovrn-usync?uid=7a3f6708bc868c558ab2e7b9

35 B
194 B

348ms
346ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/sovrn-usync?uid=7a3f6708bc868c558ab2e7b9
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb48f1d0ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: nginx
Location: https://router.infolinks.com/dyn/sovrn-usync?uid=7a3f6708bc868c558ab2e7b9
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

usersync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyMkNGMEYtM0NBOS00OTBGLUJBODEtNzJDQUQzQ0Q1OTA3&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzQyMkNGMEYtM0NBOS00OTBGLUJBODEtNzJDQUQzQ0Q1OTA3&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3DC422CF0F-3CA9-490F-BA81-72CAD3CD5907
https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907

0
188 B

352ms
345ms

Image
text/plain

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:18 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
cache-control: no-store
cf-ray: 66d72fb74ffa0ffa-MRS
content-length: 0

Redirect headers

location: https://router.infolinks.com/dyn/usersync?pmuservalue=C422CF0F-3CA9-490F-BA81-72CAD3CD5907
date: Mon, 12 Jul 2021 03:29:16 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 iq-usync
router.infolinks.com/dyn/ Frame 6E94 0
35 B 353ms
353ms Image
text/plain 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/iq-usync
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control: no-store
cf-ray: 66d72fb48f110ffa-MRS
content-length: 0

GET
H2

200

zeta-usync
router.infolinks.com/dyn/ Frame 6E94
Redirect Chain

https://p.rfihub.com/cm?pub=43153&in=1
https://router.infolinks.com/dyn/zeta-usync?uid=1871878971543645161

35 B
188 B

349ms
347ms

Image
image/gif

104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/zeta-usync?uid=1871878971543645161
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb5df700ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

Redirect headers

Location: https://router.infolinks.com/dyn/zeta-usync?uid=1871878971543645161
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6E94 0
72 B 416ms
130ms Image
text/plain 208.100.17.173
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Requested by: Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3314865&wsid=1&pdom=1035thearrow.com&purl=https://1035thearrow.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.173 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software: 33XP005 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://router.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

x-33x-status: 2000208
date: Mon, 12 Jul 2021 03:29:17 GMT
server: 33XP005

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame CC3C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&dcc=t

43 B
433 B

128ms
125ms

Image
image/gif

72.21.206.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: 206-140.amazon.com
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame CC3C 70 B
265 B 73ms
55ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YOu3DRJrHQvq8A6rkbJmOgAA&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame CC3C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YOu3DRJrHQvq8A6rkbJmOgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGhh0rTXfCTArSR398FDilk&google_cver=1&gdpr=1

43 B
999 B

109ms
65ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGhh0rTXfCTArSR398FDilk&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 03:29:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGhh0rTXfCTArSR398FDilk&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame CC3C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEe_vW8C56hunOkXpw_6Pbc&google_cver=1

43 B
315 B

48ms
46ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEe_vW8C56hunOkXpw_6Pbc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 12 Jul 2021 03:29:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEEe_vW8C56hunOkXpw_6Pbc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC3C
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628652557

43 B
982 B

49ms
49ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628652557
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 12 Jul 2021 03:29:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1628652557
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame CC3C
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1

49 B
733 B

71ms
70ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.5.206
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YOu3DRJrHQvq8A6rkbJmOgAA%261185?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.6.133
content-length: 0
expires: 0

GET
H/1.1 204
No Content sync
ups.analytics.yahoo.com/ups/55940/ Frame CC3C 0
234 B 40ms
34ms Image
text/plain 3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YOu3DRJrHQvq8A6rkbJmOgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 03:29:17 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame CC3C 0
330 B 52ms
43ms Image
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 ix-usync
router.infolinks.com/dyn/ Frame CC3C 35 B
197 B 354ms
346ms Image
image/gif 104.22.3.144
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://router.infolinks.com/dyn/ix-usync?uid=YOu3DRJrHQvq8A6rkbJmOgAA%261185
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.22.3.144 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NON DSP NID OUR COR"
content-type: image/gif
cache-control: no-store, no-cache, private
cf-ray: 66d72fb3bed10ffa-MRS
content-length: 35
expires: Sun, 12 Jul 2020 03:29:17 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CA58 42 B
64 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuItFT7O8iMnbCeuUBTMmF_TJbmpx6HkoUNpHt3Q3aXUVMN9pS7plCHMPxIMcdzrARG0YUlzQ6pzv-xgEFNsv-9jUHYo2I1Dg&sig=Cg0ArKJSzFczyAZ71RmQEAE&id=lidar2&mcvt=1001&p=880,460,1060,1390&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210709&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=690421147&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=3&rst=1626060555494&dlt=31&rpt=1&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d598792df0f2cb516b9863be2834a7674061cb071e30be8d193fbdcf4f354e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 12 Jul 2021 03:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8408
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 03:29:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Mon, 12 Jul 2021 03:29:18 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 75AB 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sun, 11 Jul 2021 19:14:36 GMT
expires: Mon, 11 Jul 2022 19:14:36 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 29682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A31C 783 B
762 B 16ms
16ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fac09342b6b4500ee435d89d65b7d44eb4a4730f0bf6e345bf32907e9b8835c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AE9hQP01OVvhNfRsJzIQQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1035thearrow.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Referer: https://1035thearrow.com/

Response headers

expires: Mon, 12 Jul 2021 03:29:18 GMT
date: Mon, 12 Jul 2021 03:29:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-AE9hQP01OVvhNfRsJzIQQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 /
track.adform.net/serving/unload/ Frame CA58 35 B
503 B 46ms
45ms Ping
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=-1385591796702507506@@47167845,1914893486218393674,100|1002|0|0|0|0|0|0|0||87|1|1|60ebb70a000c0b6907fd8733060743f9_1|||1|0|0|wQqS_2DNyNlyQrp1YDRzdJ9oEGrm2mFpUwDqL3Rl3HZ4ob_4eaJPMOpmw3fusJ2y0|||11|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:18 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame CA58 35 B
303 B 45ms
45ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=47167845&event=178&time=2&baid=46070484&name=Viewable%20impressions&imprid=1914893486218393674&icid=-1385591796702507506&eData=Lwh1TmY0O4mVi0LwE4vdSZbr9jsP54doRUX-iKr4L0RTP54Mob77USNtP4O-vEOBluMywFtRlj68jqTQ3yLCxQ2&rtbdata=213YhU2VLU1K4c0GnxTAZ3KRmBIJHqgohKqBfwgLi3vrsb_HIO8wD_Q3DyFEAUP2WJRiVh6CCECFKcVF-1D6DA6SBWzFk3BOnTeiBM1KEV-gQJI3lauKAwsuw_cVPsTNb2VVWnC1VQI1MCSOH_hYR6IttUlkfNptXCkrxIazT7CXcVj9FCod5ivBvrwRSrZjor8g8xjG6XBolY1DvR3PyHogzW-FlRZ0p2i9wxCJiUEP-LdFTa6D-_SVq2sSBH4d10e59jRRZMvpfzsDp3jajBKlEctiPOln0&rtbwp=YOu3CgAK-_oIu-QhAARbR0xSixtadkbOf9afzA&rnd=541334624

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H3-29 200 KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js Show response
pagead2.googlesyndication.com/bg/ Frame 75AB 35 KB
13 KB 31ms
27ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KtQVHgFmyc6avfEYQl6jwuIqHN0jrKlFlNnINk9N7x8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

date: Sun, 11 Jul 2021 13:52:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13206
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 16:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 13:52:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
37ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=2219664460032670&bg=!ZmWlZSHNAAbV4AdB1eA7ACkAdvg8WisS2dX3m75YxYc1kizhErFKZtJ7_rz9z5PgT7Gw2scE0zzjhwIAAADjUgAAAAtoAQcKAAgVk8325XDF-pkCh3i2vPGaidCX0uzfyzPkmsMioVMuELK8pvmmvoV31UZ76hDAL7BzLGs1XLcDUZUwiIYQ6VzkYmCDYGjS-3oRVZLgHgl4gXNnX-S_2rM-Oiq-lBTo4hHlwpXowKEV5ap2I4R-Sj8uDlMC96AaMBEKB8b-dMbLKTZarYT4QDW1DwDPhZvRtOpV5XfGnAs1pmrFGNpPBSoJO5KH9Y62vYugunwCVlMjnbm4rgnGo0s_PnW32FxIRTtgoptJ3YM_E0HMGuWOb9iC35GNUk2zJVNioTSHrt7zHdWeGpREkTruRibNS0cz1QT791SmAFXWMtso_C5Evzbyuxqvk4ft8HVEx2we6BH9GImOZM39RWxNUS6sDdBPBDeN2xhE5vFCUps7IUr0OS02pkLBgwpP_RI1mFAjA4lNgFagfsmIotgtwin62t2eRS7gXlwKLEpgq55wF4DC6yDetEbGWY_LQTjtvQDkRn-5wOc_rm5WzzvGi5K3ydonnjkvcuC45URDSRHevwmKDsoYocxKa5XhDsY3OydmEIrvaVkqHjb74I62-EHtbHNGlbCo6k7dwJ1b6ACng1s_vrzjboPVuYdn7kRIRbjuoP1-CvbflmlT2qzYB-Jbfbr7zEYfY6UjohcAtZz0ai7JGoDDf4VIsmSOq5uKfWz8Eo5nDzAcOcAconu7w5KYd_Xb9rimaGFyktLuapwG1-gpvacSiHj5KWRIJMABksPpIOtuAVDvI1oOr9GPgnDxA_ZoSGgnYshsBovAgjXSRZO_SLWjnPYI35xN9-VJL2pWmatEyx5H7Oc0tMEIpv-7T3uaei4_hJlhRFKDBxxdke38-DV4xhHN0FIx49D0EOfudgrHPqCr

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1035thearrow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame CA58 35 B
503 B 44ms
44ms Ping
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=-1385591796702507506@@47167845,1914893486218393674,100|4695|0|0|0|0|0|0|0||409|1|1|60ebb70a000c0b6907fd8733060743f9_1|||1|0|0|wQqS_2DNyNlyQrp1YDRzdJ9oEGrm2mFpUwDqL3Rl3HZ4ob_4eaJPMOpmw3fusJ2y0|||01|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.49 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 03:29:21 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

330 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.casalemedia.com/	1970-01-20 04:26:36	Name: CMRUM3 Value: 2d60ebb70d2760CAESEGhh0rTXfCTArSR398FDilk&f160ebb70d05a0&6f60ebb70d05a0&4060ebb70d05a0&e660ebb70d2760&2760ebb70d0b40&dd60ebb70d2760&ce60ebb70d05a0
.casalemedia.com/	1970-01-20 04:26:36	Name: CMID Value: YOu3DRJrHQvq8A6rkbJmOgAA
.infolinks.com/	1970-01-19 19:42:26	Name: KADUSERCOOKIE Value: C422CF0F-3CA9-490F-BA81-72CAD3CD5907~1626060644425
.casalemedia.com/	1970-01-19 21:50:36	Name: CMPS Value: 5179
.infolinks.com/	1970-01-19 19:42:26	Name: R1USERCOOKIE Value: RX-e691e742-d38e-414d-b8f4-d54c6fc388fc-003
.infolinks.com/	1970-01-19 19:42:26	Name: SOVRNUSERCOOKIE Value: 7a3f6708bc868c558ab2e7b9
.infolinks.com/	1970-01-19 19:42:26	Name: IXUSERCOOKIE Value: YOu3DRJrHQvq8A6rkbJmOgAA&1185
.infolinks.com/	1970-01-19 19:42:26	Name: VRUSERCOOKIE Value: y-FLF5989E2uFoNotuDBm__bD427Zjaciuf9vPDtg-~A
.casalemedia.com/	1970-01-19 21:50:36	Name: CMPRO Value: 1185
.infolinks.com/	1970-01-19 19:42:26	Name: ZTUSERCOOKIE Value: 1871878971543645161
.infolinks.com/	1970-01-19 21:50:36	Name: ZMNUSERCOOKIE Value: ""
.infolinks.com/	1970-01-19 21:50:36	Name: ANUSERCOOKIE Value: 7603292377863356613
1035thearrow.com/	1969-12-31 23:59:59	Name: logglytrackingsession Value: e79c7376-4608-4458-a363-b72b2bd3df3e
.doubleclick.net/	1970-01-20 05:02:36	Name: IDE Value: AHWqTUnWC4zj_E0rZefhZ7Vq_LMdw33Qkegv7_YXQtu7y1ObxzqOr-BsV5UCx5444eg
.casalemedia.com/	1970-01-19 19:42:26	Name: CMST Value: YOu3DWDrtw0A
.infolinks.com/	1970-01-19 19:42:26	Name: OUTHUSERCOOKIE Value: y-UsEbFkBE2uGh5KXYRXlKZgb4kGKKL3Il~A~UP565e2d6b-e2c1-11eb-a39b-06f09cce428e

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://1035thearrow.com/wp-content/themes/bonneville-music/assets/js/fluidbox/jquery.fluidbox.min.js?ver=5.5.5(Line 1) Message: Fluidbox: The jQuery debounce/throttle plugin is not found/loaded. Even though Fluidbox works without it, the window resize event will fire extremely rapidly in browsers, resulting in significant degradation in performance upon viewport resize.
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js(Line 1) Message: [object Object]
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js(Line 1) Message: Failed to log to loggly because of this exception: SecurityError: Blocked a frame with origin "https://1035thearrow.com" from accessing a cross-origin frame.
console-api	log	URL: https://resources.infolinks.com/js/1744.004-3.012.ab.1750.007-3.025/ice.js(Line 1) Message: Failed log data: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1035thearrow.com
adservice.google.com
adservice.google.cz
adservice.google.de
ap.lijit.com
assistant.woorank.com
b1sync.zemanta.com
b2f5d781346da2bd1bdcc7b0467d3263.safeframe.googlesyndication.com
bcp.crwdcntrl.net
c1.adform.net
cm.g.doubleclick.net
connect.facebook.net
content.jwplatform.com
cookie-cdn.cookiepro.com
de.tynt.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
match.adsrvr.org
match.bnmla.com
mts0.google.com
np.tritondigital.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.advertising.com
resources.infolinks.com
router.infolinks.com
s.amazon-adsystem.com
s.cpx.to
s1.adform.net
sdk.listenlive.co
securepubads.g.doubleclick.net
songdata.bonneville.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
track.adform.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.woorank.com
104.22.3.144
13.224.99.124
142.250.181.226
142.250.185.130
174.137.133.49
178.162.133.149
185.64.190.79
185.64.190.80
185.64.190.81
193.0.160.129
2.18.234.21
208.100.17.173
208.100.17.181
208.92.55.20
213.19.147.45
216.52.2.30
2600:9000:2156:1800:7:5253:f880:93a1
2600:9000:2190:5000:1:a3fa:7cc0:93a1
2600:9000:2190:da00:1:3a48:ffc0:93a1
2606:4700::6812:678
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c08::9c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
34.194.181.37
35.203.160.220
37.157.2.249
37.157.3.29
37.252.172.250
38.27.122.101
51.89.9.252
52.19.63.112
52.208.103.128
52.59.102.119
64.202.112.127
66.155.71.25
72.21.206.140
76.223.111.131
005874f7a90dc744417d7df8283c896e1c1d2f6b54bfab180a8f5cc9e0ecc0d3
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
082110cd2efb228df84c8014c05892ac037224a2414087bde6e1276d9a2da48b
08b637a003073fd15e15e00d41904a810718b20c3fbdfb7298aeb1588210adf5
09c4df1a5b577c7410306bfd3ed2e2619f3c620398f980380a5512d39e54c8fd
0a29ee552cc58965915d0745ed088a462259310fa4f7a75af1ddbc35dae30836
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd7352b83bc2ae48a255ffabf8f167a8d2c52a7dca9c2669d5d9456154fc3d2
0dfc6963fb114588887432268114a1bb0a5e4692eaeafc9e755c7d4ad92546e2
0e4f0cc2a47e98ed56d5416afb1177b7337b7dc7cf561d9297854f527a9796d2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c5f7bfd5603bea1b10d69db9f5aa12a04a0789d54a37a70028fa7ffdee36d1
1323ea97b967b704490ad5dcbb0a32fbdf8f2af9a0fa2aafe39e1d2b0446ea1f
1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4
164870fd7248cfe360a8b2df4e266940dfd5738e8da6bf9ae3a7dc42bb55fa48
166352d1b0ffba1fc5e0c8e5a94a473cee7f43b2d420e09b27bbe91305d9c58e
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
1e358ef93dc574ac80f791e51a64734b039b6983e63dffa05fad7a26220ec4df
1e8ddfc5b8da37767c6ae1b6e1201b571b0d497a9beb31b7fb9a243fce63d2b2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
2ad4151e0166c9ce9abdf118425ea3c2e22a1cdd23aca94594d9c8364f4def1f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2af9237a0c714e46bef1426c9e28d67cc29473cc81641324dfe2644272a765e2
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
34489ae45b8749aa518a888ad417089b659ef6d87bb41dcfdf520a5876bd4da9
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37f36250afd851bde07a41c7de6c2c0478b2a504a1370bc882e419349e3344ff
3816b4568ed38a9c2f07971deeeb2a2a0170ebe354f97045681bab791d974f1f
385813a881f5c38f9a6278bf563f25745335355789ab5bdc32cb2af7070e6058
3f45c3845e89f204d224d9dec67754a278722029e9445f0f2ffbc65612beccc9
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4b01f1d4f25f792a5aeaf377e16c55ac53a94ea3e5696d98ee6de29e74934d07
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51c0c1c886fd2b1d25a5cee83b3c0286c42901ef45e5fd64637d287abfec843a
51d640952c23f17f06b9fc75baf404887a8cab2c726e247647d846b8bf32fcdd
53a2d5c7ab1d03ed1dfd764153fd1684258d90bb4c23c10ecc45782debbe5c5b
5bd463f503404edf500a3d8cb79cba815c9c04876e5d36fabb00c3f8585361cb
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
609b268cb0a03c26778c1e1b1d875b599590ba5327b2a3fe366ea1d502fbc823
637ddea341484e7a10cbf236109d751e940954fe905e1da470698fc9a771f421
67bc55fcc2e934891d4d09d03c84b8c54e86bf0cd70ced02e1ef52ca7be8c4bc
7099df1a6e579601e1452471dc14bf1e025c771c37df56b73fe6c97bdbdc3b49
711d5edf8d5be12754f1f6f166574730e615706603e12a5ff663da7eae1e0e03
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75a33bdccbadc38c64bf09f76d24d7a1b3fdf61c0915169cc3e7d9b5b07405c5
78b433ea237cfb9e00f5082f486572b6af916373fc371841bdaa83c091c99e69
79981d081a217c93ec2be4c29e0f6f43c2873f9ab3c313dce9c8a549b3a5f050
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c6d3da39b43a0322a762fd047157070ae066272f31a9863b39152bfb102b273
82192b1513a85d07adeb0995095ee5503e42c8adfa339433e70ad1402f8d8172
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d598792df0f2cb516b9863be2834a7674061cb071e30be8d193fbdcf4f354e
871a8f1084b6a27c4a67c854ba86e745d89be827f9bbc9057cbf3e535722cee1
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
89def23e3b0e2711a0c74d2af006a0fa8358c26997f0db5f76576f1d4c437c86
8a50a348d2e8dcbf6778fe369438fca5fe0a98b849dc33b647f19d37846bfe49
8c2af8277c62809e12050697a0f92dec885ff5a00ca91f15819ae5e7345a588c
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f0462602e417cf9504ad1b0cb9a9b31d7a66b93de192a24a9120c66b9cb54fa
924a8ef38d6527e75ba3157ec2c5110cd291e94741551f12954320cc36b319e2
9bc48879168d7799dff83ea61f8422597ba5ab873ff0e2ee262a66d849e266d5
9d51f16d1f006e9e72942b8a8f92384d5262e22f5cbf6bd0eb5a18cd84420064
a00d7ab83ba557bb748631adc82b394a050eb87cb68c2acbec0e896ae2fae73f
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a41d60f8ac48aafcddd891ddebb318735c5684c4d8c8971f2a236233f89fc3be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5583b74277fc8ec404d84077c3cf6ff1705e7de3cf718504e0bada9efeb667f
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
abe2ebc15566655ce3c9ffe31ade17bec0624f6bd68019dd2c6981f20e6e3720
ad9f5ecca3e469c709ac793efe7ebec0c218427a1be41f6ec9a0da01be7d440b
af69362332b719fa71bae4ae2376efb88b647187e06d422353c8470c03b10c3c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3598d370d1870a8ec0373d2ff34f4efde21e83e3848fb7af2da622111fe9dac
b35e08bf74d02171801298c4aa993f4b1cfe68c86ea5ff8ec03a0c558a2ea022
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b557684df0ea0c6d9cefce5735d183a031ba4644e61be1951dc3d329506f9637
b6e1973f2a6f724357fcc7b6108de6f19f57cf5e510d22131c512c28f9b04294
b73890f71b648a0368d336c36d5b7f1a999cecf66610f680779976122469c61f
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2f99047ada383a4bb9b4b9f2f837377c2094c5ebf4dc4146cab676dab1371a7
c9655e050ff5fe4a31c0aa3e8695954884fb1dca1c08a7dcf1860bdb03ffbe73
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d139c3756ba4ea4e4672c12645de4977faa9ba7e0d550931d2086338fd72dfe9
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d50e992ac846d1a23ac3fde9ddc997a572fc65702611c667b0a758cf8ee99083
d59254e73657b9a995bfea0f5d0e6a61547a50de268b0ecc749e95ddce43e115
d840cd2fe96fad02cc12a9eabd96563165d43f2ddc9b632e6584355652c25b19
da9d71367d72333089ca61a19bed0b1b4c2ce91c908970924cf003ec6453c53c
db06dcfa0112b05cef7abd20fadc5baf632a316515f07cfd4fceb436c8a0cb1b
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dceed1deb7cf1629e1389e4867c58d10d63efea7d6d5eafdc40c13baccdf9506
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de646d47787f94274ddf06767917246c0b8e308f9dd69e9fcbe7e4b0e7277562
e11ab67b0ee9ecac143fd021228fda3e5c75a1e5328d0ea9fd1f30197b70f130
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e1e8eaacca666f82580c25b1c584eaeb3c6847e62a3dc9238ef8ec8623044025
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b20c06a20b7c958a8ebc8d7dd6766a94be7adfb473f4f68e2217b08620fda4
e584a2301736fc4ea27cfae5cb5e292188654c9aeade91e2a0cf44304e9260c1
e6668c93f25f03f6b7f2993783aa6139a4e6cbceba0e751b62bdb54aaf8e79a8
e6847b94bd5e51e44a02445defa1b6b49d6936baac2883a6259af3388a6af067
e845654291c2a1d371755e0aea36c8504f6ceabab14dd6a3232d82d458137a8c
eceb798154047577dccc1bbe0f904101c405433eb8e782cf4846b8f3f7da2513
eda144dea7a719010fe6c2e87514f5eca490b3c74f120f6ac8cb514596d4ef48
edfb91d9fc883cf9fa25060c03f89baac30f06a79ce837ce57d76637ff7f753e
eeefd70a12120465a046c7bda29524434ed1d302d534b5960632cc8e2c521206
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef22755bc9501f967f1cb92530ea9a24c98432e12dfa2b35a71482b3e5579b21
f0c400c8be6122ab2a8797b3c495be63393e3f1ec93426a88bb2a87a9996f8a9
f6107095bc969096cf0c22d425f1422f596a78ed0252176f3de4dc0b390e0acf
f846ed36309bfe9664d9d9c91b159a914661d08a0322d2ac651f0c48f16437c6
fac09342b6b4500ee435d89d65b7d44eb4a4730f0bf6e345bf32907e9b8835c0
face987d840282dd0b20c5610d5aaccfb00c49b651fca6100b8fe4e4de5253dd
ff43600c228c39295ac3c0768717186ef6d68e1358a325b310a757bf53d265b3
ff48cb6d90b8904d82852f61d56993c0ebdc6167117caaed0eda5011779f4179
ffa811ff2834d53f32832c8b70d7df7208264e144629487bbd91179ca13a5eca

1035thearrow.com Open in urlscan Pro 35.203.160.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

100 %HTTPS

47 %IPv6

43 Domains

60 Subdomains

48 IPs

8 Countries

3866 kBTransfer

7672 kBSize

16 Cookies

11 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1035thearrow.com Open in urlscan Pro
35.203.160.220 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

100 %
HTTPS

47 %
IPv6

43
Domains

60
Subdomains

48
IPs

8
Countries

3866 kB
Transfer

7672 kB
Size

16
Cookies

167 HTTP transactions
3 data transactions