urlscan.io logo urlscan.io
SecurityTrails logo

tippinsights.com Open in urlscan Pro
2a04:4e42:400::775  Public Scan

Go To Rescan Add Verdict Report
URL: https://tippinsights.com/newsletter-sign-up/
Submission: On December 04 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 2 countries across 17 domains to perform 67 HTTP transactions. The main IP is 2a04:4e42:400::775, located in United States and belongs to FASTLY, US. The main domain is tippinsights.com.
TLS certificate: Issued by R3 on November 26th 2021. Valid for: 3 months.
This is the only time tippinsights.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2a04:4e42:400... 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.66.122.63 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
2 52.218.224.160 16509 (AMAZON-02)
1 205.185.216.10 20446 (HIGHWINDS3)
2 3.16.208.74 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 54.187.119.242 16509 (AMAZON-02)
1 34.120.195.249 15169 (GOOGLE)
1 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.34.33.103 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
1 52.40.8.68 16509 (AMAZON-02)
4 2600:9000:223... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
67 24
9    2a04:4e42:400::775 (United States)

ASN54113 (FASTLY, US)
tippinsights.com
5    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
3    18.66.122.63 (United States)

ASN16509 (AMAZON-02, US)
js.stripe.com
10    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    52.218.224.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
cdn.cove.chat
2    3.16.208.74 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-208-74.us-east-2.compute.amazonaws.com
apiv2.popupsmart.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com
q.stripe.com
1    34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o55869.ingest.sentry.io
1    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    52.34.33.103 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-33-103.us-west-2.compute.amazonaws.com
ping.momently.com
2    2600:9000:223e:9400:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    52.40.8.68 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-8-68.us-west-2.compute.amazonaws.com
m.stripe.com
4    2600:9000:223f:7a00:a:ed23:2900:93a1 (United States)

ASN16509 (AMAZON-02, US)
popup.popupsmart.com
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
10 pagead2.googlesyndication.com tippinsights.com
pagead2.googlesyndication.com
unpkg.com
tpc.googlesyndication.com
9 tippinsights.com tippinsights.com
unpkg.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 fonts.googleapis.com tippinsights.com
popup.popupsmart.com
googleads.g.doubleclick.net
4 popup.popupsmart.com apiv2.popupsmart.com
popup.popupsmart.com
3 www.gstatic.com googleads.g.doubleclick.net
3 q.stripe.com tippinsights.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 js.stripe.com tippinsights.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 apiv2.popupsmart.com tippinsights.com
apiv2.popupsmart.com
2 s3-us-west-2.amazonaws.com tippinsights.com
s3-us-west-2.amazonaws.com
2 unpkg.com 1 redirects tippinsights.com
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 m.stripe.com m.stripe.network
1 ping.momently.com s3-us-west-2.amazonaws.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 o55869.ingest.sentry.io unpkg.com
1 cdn.cove.chat tippinsights.com
67 23

This site contains links to these domains. Also see Links.

Domain
ghost.org
aspirethemes.com
twitter.com
www.facebook.com
Subject Issuer Validity Valid
tippinsights.com
R3		 2021-11-26 -
2022-02-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-10-21 -
2022-02-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-03-26 -
2022-03-05		 a year crt.sh
cove.chat
R3		 2021-11-15 -
2022-02-13		 3 months crt.sh
popupsmart.com
Amazon		 2021-10-21 -
2022-11-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-09-08 -
2022-09-07		 a year crt.sh
*.ingest.sentry.io
R3		 2021-10-24 -
2022-01-22		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.momently.com
Amazon		 2021-05-05 -
2022-06-03		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-02-02		 3 months crt.sh
popup.popupsmart.com
Amazon		 2021-12-03 -
2022-12-31		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://tippinsights.com/newsletter-sign-up/
Frame ID: 6776D1763131B329BD411BEA12ED965C
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: A20B93DC69B90C3721C5507FFFAAFE77
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Frame ID: 2EA6796140EC538B78611C139CA954EA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2418753237951341&output=html&adk=1812271804&adf=3025194257&lmt=1638619159&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638619159407&bpp=123&bdt=615&idt=262&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=70419035863&frm=20&pv=2&ga_vid=283798459.1638619160&ga_sid=1638619160&ga_hid=775743866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063793%2C31062930&oid=2&pvsid=1480396401172658&pem=378&tmod=1676035697&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Frame ID: 303611D9ABA9D5F1E69DDB0E0F9746E4
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: ED6DE826E9784510B7A76D87A7CC5399
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: ADC188A3A2236FD27E4576B5273FAC7D
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: F143ED249C38C7B5B4411C15CA4596E2
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Frame ID: 17122F780C7639548A056E059BA88486
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E8C7B29F7AF59CF28DE4896F11E874F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C3B562A564F3AEC8F1CE134CFA3AF7D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

tippinsights Newsletter Sign-up

Page Statistics

67
Requests

99 %
HTTPS

61 %
IPv6

17
Domains

23
Subdomains

24
IPs

2
Countries

976 kB
Transfer

3148 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js HTTP 302
  • https://unpkg.com/@tryghost/portal@1.12.9/umd/portal.min.js

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tippinsights.com/newsletter-sign-up/ 		83 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
8566e9be89ad07c653515a7f45ca8911d4025e949a30520c79fc38a55e51c57e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
openresty
content-type
text/html; charset=utf-8
status
200 OK
content-encoding
gzip
x-request-id
c1c52dbe4401cf35f531138cbe1abea6 1ae0cd7ebd28372713ee47c26c0ef0d7
etag
W/"14c25-YEYFSuRxrZ0N1BKR/Qxmb84NuF0"
ghost-cache
HIT
cache-control
public, max-age=0
ghost-age
12
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Sat, 04 Dec 2021 11:59:18 GMT
age
0
x-served-by
cache-ams12755-AMS, cache-hhn4071-HHN
x-cache
MISS, MISS
x-cache-hits
0, 0
x-timer
S1638619159.763354,VS0,VE21
vary
Accept-Encoding
ghost-fastly
true
content-length
17725
css2
fonts.googleapis.com/ 		13 KB
840 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
938e293eebbb198ed6d10cb5edc251c8dd409e9f0ca188e217014b7c5c8d8688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 11:29:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 11:59:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 11:59:18 GMT
css2
fonts.googleapis.com/ 		810 B
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Crimson+Text:wght@400;700&display=swap
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c9a4026ca78a5832ff1a01961a38a2d8d79106ad32ee9a3224f6d4ebce6649c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 10:42:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 11:59:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 11:59:18 GMT
portal.min.js
unpkg.com/@tryghost/portal@1.12.9/umd/
Redirect Chain
  • https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js
  • https://unpkg.com/@tryghost/portal@1.12.9/umd/portal.min.js
473 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/@tryghost/portal@1.12.9/umd/portal.min.js
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Server
2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8175b17ffc5c63114ff9a4fd97f2a3985370ccc30c0da2f6fe2072963a3ccc37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
234555
fly-request-id
01FNVNA3RF0BVP8Z5ZAVXMTVDT
content-encoding
br
vary
Accept-Encoding
last-modified
Wed, 01 Dec 2021 18:47:46 GMT
server
cloudflare
etag
W/"7624b-0AODNmVbnCKctwHwa5XgIMkLqQw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6b84de2fbf6d4ec8-FRA

Redirect headers

date
Sat, 04 Dec 2021 11:59:18 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01FP2MFNJ9GW5W7BGHWKGKPMSF
server
cloudflare
age
541
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/@tryghost/portal@1.12.9/umd/portal.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6b84de2f8f1f4ec8-FRA
access-control-allow-origin
*
/
js.stripe.com/v3/ 		268 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
3ed1f78a1ee89c913a730637376afbd17148beec7eca98ed43e46713bb585898
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48
x-cache
Hit from cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-origin
*
last-modified
Fri, 03 Dec 2021 23:13:39 GMT
server
Cloudfront
etag
W/"da8eae94c6390a2e9b43e620a7d73207"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA60-P2
timing-allow-origin
*
x-amz-cf-id
-_vAyVHkcj4LJP_BdHshiY9FgqpwQbQ2pwVIQxWgJlP4xDaGJXhQOA==
cards.min.js
tippinsights.com/public/ 		399 B
460 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/public/cards.min.js?v=327d99a039
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
e033ed3fec2e9e76316ffc2093e99190e3ee9eb0d1878f3df62507a4ae7d2da7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
age
244
x-cache
HIT, HIT
status
200 OK
content-length
228
ghost-fastly
true
x-request-id
f68eeb48750334fde7d14b0dff21a079, f68eeb48750334fde7d14b0dff21a079
x-served-by
cache-ams21079-AMS, cache-hhn4071-HHN
accept-ranges
bytes
server
openresty
x-timer
S1638619159.117835,VS0,VE0
etag
"19fa7f5beba3b9a12ce8c659be27a992"
vary
Accept-Encoding
content-type
text/js
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
cards.min.css
tippinsights.com/public/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/public/cards.min.css?v=327d99a039
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
7e007847a3125830b2969a510b3a5644b50674ac363ada13b010f4958578d0c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:18 GMT
content-encoding
gzip
age
243
x-cache
HIT, HIT
status
200 OK
content-length
1106
ghost-fastly
true
x-request-id
f2820b5dd1aaa3156dcd588997cfadd3, f2820b5dd1aaa3156dcd588997cfadd3
x-served-by
cache-ams21044-AMS, cache-hhn4071-HHN
accept-ranges
bytes
server
openresty
x-timer
S1638619159.817571,VS0,VE1
etag
"40460d0b3fe3929effc3e71f32fd6f3d"
vary
Accept-Encoding
content-type
text/css
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b37e4f26189e1807d5c805858d9b17b1b0714692ea79f200ba03d5b5427568eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51243
x-xss-protection
0
server
cafe
etag
8793881444466609872
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 04 Dec 2021 11:59:19 GMT
hrtR2wA_AR0_momently.js
s3-us-west-2.amazonaws.com/momently-static/loader/ 		374 B
758 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/momently-static/loader/hrtR2wA_AR0_momently.js
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.224.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
56d37170f7f3eb8083716eedbb23a080f7aa35b0231265ee3db3b9bbc8901295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 11:59:20 GMT
Last-Modified
Thu, 25 Feb 2021 20:55:00 GMT
Server
AmazonS3
x-amz-request-id
YZVWHDKJ7B9W17CC
ETag
"9e633d3e9ddc1cb987c94330a5440f79"
Content-Type
application/javascript; charset=utf-8
Accept-Ranges
bytes
Content-Length
374
x-amz-id-2
OOGwIwtdwnMcXDsYDt5vD9XoiE7mmwQqU+5i55SBxlQzAKP1bBN1eKOarbK3cww5CGuvka62Gts=
app.min.js
tippinsights.com/assets/js/ 		264 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/assets/js/app.min.js?v=327d99a039
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
b37d1cf7356d2ce36c1ff7b42e8fbb22f2395582335e5cddf139021bb16b32eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:18 GMT
content-encoding
gzip
age
243
x-cache
HIT, HIT
status
200 OK
content-length
81299
ghost-fastly
true
x-request-id
2d3077b8d1895be7ebc12db7db807e6c, 2d3077b8d1895be7ebc12db7db807e6c
x-served-by
cache-ams21029-AMS, cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Tue, 05 Oct 2021 10:37:14 GMT
server
openresty
x-timer
S1638619159.817675,VS0,VE1
etag
W/"42188-17c500763af"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 1
comments.js
cdn.cove.chat/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cove.chat/comments.js
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
8b2d6951fd8d7662fc81a64b6097d1ffe243496541874027510bba3886a28af7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 11:59:19 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Last-Modified
Wed, 27 Oct 2021 06:58:37 GMT
x-amz-request-id
tx00000000000011890f890-0061ab4c4d-16e8243f-ams3b
etag
"0af8cf39db9ec4f93684dcc046bba70d"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1638619159.dop220.am5.t,1638619159.cds018.am5.shn,1638619159.dop220.am5.t,1638619159.cds297.am5.c
Content-Type
text/javascript
Cache-Control
max-age=582
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
4522
375036
apiv2.popupsmart.com/api/Bundle/ 		1 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://apiv2.popupsmart.com/api/Bundle/375036
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.208.74 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-208-74.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b2ba27fd64bafe0920d732bcd4ebb29c7d3b3c0632ef48b81428f3d7615f7895

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
cache-control
public,max-age=300
server
nginx/1.20.0
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
edbe6638b2b1477d40ada3f1c8865c3c41a30ccb4483979fd3ca6775ed015fcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100173
x-xss-protection
0
server
cafe
etag
16689561839155947988
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Dec 2021 11:59:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame A20B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 03 Dec 2021 21:23:19 GMT
expires
Fri, 17 Dec 2021 21:23:19 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
52560
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dark-logo.png
tippinsights.com/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tippinsights.com/assets/dark-logo.png
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
235a566a79e6f9fa378ccf0b4b0f6d85e4243f15f883e99b16a81e9db6aa3f6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:19 GMT
via
1.1 varnish, 1.1 varnish
age
243
x-cache
HIT, HIT
status
200 OK
content-length
2482
ghost-fastly
true
x-request-id
7556ce096e311c0dab435a0453eddba5, 7556ce096e311c0dab435a0453eddba5
x-served-by
cache-ams21027-AMS, cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Tue, 05 Oct 2021 10:37:14 GMT
server
openresty
x-timer
S1638619160.527627,VS0,VE1
etag
W/"9b2-17c50076460"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 1
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d85aed1b48336cc593bb3ee87d14ad075aaf3a21c7662e8cff18548b31599c74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v7/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v7/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tippinsights.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 03:57:25 GMT
x-content-type-options
nosniff
age
374514
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37780
x-xss-protection
0
last-modified
Wed, 10 Nov 2021 17:59:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 03:57:25 GMT
wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v13/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/crimsontext/v13/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Crimson+Text:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tippinsights.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 17:34:10 GMT
x-content-type-options
nosniff
age
152709
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14888
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 17:15:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 02 Dec 2022 17:34:10 GMT
/
tippinsights.com/members/api/site/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/members/api/site/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
9c8595793cd0d206f989d7696201cfdc6b3d397998fe7585107aa787bd9215bf

Request headers

Referer
https://tippinsights.com/newsletter-sign-up/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/json

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
age
243
accept-ranges
bytes
x-cache
HIT, HIT
status
200 OK
content-length
925
ghost-fastly
true
x-request-id
bd4be47198f915a2c1fce32b543ea6fc, bd4be47198f915a2c1fce32b543ea6fc
x-served-by
cache-ams12762-AMS, cache-hhn4071-HHN
access-control-allow-origin
*
server
openresty
x-timer
S1638619160.614482,VS0,VE1
etag
W/"d88-XMq/dpohph5tIKO1icSkHQvnwOU"
vary
Accept-Encoding, Cookie
content-type
application/json; charset=utf-8
via
1.1 varnish, 1.1 varnish
cache-control
no-cache, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache
MISS
x-cache-hits
1, 1
/
tippinsights.com/members/api/member/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tippinsights.com/members/api/member/
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
243
date
Sat, 04 Dec 2021 11:59:19 GMT
via
1.1 varnish, 1.1 varnish
server
openresty
x-timer
S1638619160.614565,VS0,VE11
ghost-cache
HIT
x-served-by
cache-ams21021-AMS, cache-hhn4071-HHN
status
204 No Content
x-cache
MISS, MISS
access-control-allow-origin
*
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
accept-ranges
bytes
ghost-fastly
true
x-request-id
8e70898c83437d3024f2774915f2f43a, 236250d098d6e77360caf074743ade11
x-cache-hits
0, 0
m-outer-f7902241893e7a497417843cb15dc858.html
js.stripe.com/v3/ Frame 2EA6 		240 B
957 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

content-type
text/html; charset=utf-8
content-length
240
last-modified
Wed, 27 Oct 2021 22:19:31 GMT
accept-ranges
bytes
server
Cloudfront
access-control-allow-origin
*
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-security-policy
default-src 'self'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:03 GMT
cache-control
max-age=60
etag
"f7902241893e7a497417843cb15dc858"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
4CJwi2xdh-Rm9x1iw36P1nz3oytoIcX-LWMC0ouAjvu9ahHqZ_h4AA==
age
16
momently.js
s3-us-west-2.amazonaws.com/momently-static/js/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/momently-static/js/momently.js
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/momently-static/loader/hrtR2wA_AR0_momently.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.224.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e43fb276675c4652a88a39ba7e377e9a1bb1ad51ff639316fec460ff0029a758

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Sat, 04 Dec 2021 11:59:20 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Mar 2021 03:44:28 GMT
Server
AmazonS3
x-amz-request-id
YZVMNTCAKPXS140G
ETag
"8642c2503aa4fb42e2f26a04368daefd"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
7652
x-amz-id-2
TP43avKk6zNj1SbVBceo3b0xeI7FNf1wx83OSZLOLQ7RwltQS7my/aAk3eOaZs+WUDm2CWOIspg=
csp-report
q.stripe.com/ Frame 2EA6 		0
347 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://js.stripe.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
server
nginx
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
x-envoy-upstream-service-time
2
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
content-length
0
/
o55869.ingest.sentry.io/api/5810204/envelope/ 		2 B
245 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o55869.ingest.sentry.io/api/5810204/envelope/?sentry_key=308d13cd6a054366914b8652d7e0d345&sentry_version=7
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://tippinsights.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://tippinsights.com
access-control-expose-headers
x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
clear
content-length
2
m-outer-639174098ea8fe7fede6fa654790e8ec.js
js.stripe.com/v3/fingerprinted/js/ Frame 2EA6 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-f7902241893e7a497417843cb15dc858.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P2
x-cache
Hit from cloudfront
date
Sat, 04 Dec 2021 11:59:21 GMT
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
last-modified
Mon, 25 Oct 2021 19:35:20 GMT
server
Cloudfront
etag
W/"5213886b88cd72e6d0aebc89868e5d13"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
A7uqWFuIH2jOD_8K3_mNmrQs0dhiUknqmXcR5trlpmleH0JNL2V6Qg==
cookie.js
partner.googleadservices.com/gampad/ 		220 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=tippinsights.com&callback=_gfp_s_&client=ca-pub-2418753237951341
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f830f39c7a89c48d6ba7d3ed8a084578bfc40e453d22b34b819cd1b6a51944a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tippinsights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tippinsights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F&tn=IFRAME&cls=gh-portal-triggerbtn-iframe&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 11:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F&tn=HEADER&cls=js-header%20c-header%20js-header--headroom&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 11:59:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3036 		165 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2418753237951341&output=html&adk=1812271804&adf=3025194257&lmt=1638619159&plat=1%3A16777216%2C2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638619159407&bpp=123&bdt=615&idt=262&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=70419035863&frm=20&pv=2&ga_vid=283798459.1638619160&ga_sid=1638619160&ga_hid=775743866&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063752%2C31063793%2C31062930&oid=2&pvsid=1480396401172658&pem=378&tmod=1676035697&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=279
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbbe06e18c3eb0ec17fe40675d45e6cf1a3538b55db916ac22bda88aed5ed979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 04 Dec 2021 11:59:20 GMT
server
cafe
content-length
44105
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 04 Dec 2021 11:59:20 GMT
cache-control
private
i
ping.momently.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ping.momently.com/i?a=hrtR2wA_AR0&h=tippinsights.com&v=2&l=1&r=&x=%2Fnewsletter-sign-up%2F&n=&f=1&pc=1&al=tippinsights.com%2Fnewsletter-sign-up%2F&ti=tippinsights%20newsletter%20sign-up&au=raghavan%20mayur&pu=1626981517000&i=bS000&callback=_mnt_callback_json1
Requested by
Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/momently-static/js/momently.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.33.103 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-33-103.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
375036
apiv2.popupsmart.com/api/Bundle/script-loader/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apiv2.popupsmart.com/api/Bundle/script-loader/375036?Referer=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F
Requested by
Host: apiv2.popupsmart.com
URL: https://apiv2.popupsmart.com/api/Bundle/375036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.16.208.74 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-208-74.us-east-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ee1587827df19a3876f95e9265a9630fca889b1127cc222c12f6556485137fea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
cache-control
public,max-age=300
server
nginx/1.20.0
content-encoding
br
vary
Accept-Encoding
content-type
application/javascript
inner.html
m.stripe.network/ Frame ED6D 		932 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-639174098ea8fe7fede6fa654790e8ec.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
Security Headers
Name Value
Content-Security-Policy connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
content-length
932
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
accept-ranges
bytes
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
x-content-type-options
nosniff
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://m.stripe.com; default-src 'none'; font-src 'self'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy
connect-src 'self' https://m.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; media-src 'none'; object-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
date
Sat, 04 Dec 2021 11:55:00 GMT
cache-control
max-age=300, public
etag
"f6254e6dd0cb06228801a1c8baf0939f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
RsU110YH6yMgBw_VB6myVagiKFpqR6ZzH2YmFbpYgsX9sizbo_uGNQ==
age
260
csp-report
q.stripe.com/ Frame ED6D 		0
120 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
x-envoy-upstream-service-time
4
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
csp-report
q.stripe.com/ Frame ED6D 		0
120 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-119-242.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
x-envoy-upstream-service-time
1
server
nginx
content-length
0
strict-transport-security
max-age=31556926; includeSubDomains; preload
out-4.5.41.js
m.stripe.network/ Frame ED6D 		85 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.41.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:9400:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
age
210
x-cache
Hit from cloudfront
date
Sat, 04 Dec 2021 11:55:51 GMT
last-modified
Thu, 04 Nov 2021 19:04:57 GMT
server
Cloudfront
etag
W/"2db385faf28cf5f9393cf01a0a1edfa2"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 a823be133adad65df6d3bf471a742793.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
FRA56-P4
timing-allow-origin
*
x-amz-cf-id
PToG4LSG8gMnbvv64pFrMlqsKl3LOd5CbtzwcOgsTky7bVwTRAewGw==
6
m.stripe.com/ Frame ED6D 		156 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.41.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.8.68 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-8-68.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3cfd597c8fda98c92ce7455b8f94a45cccedd33140e457ffde72814656d4cbb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54b66ed85a468f4adbaf047ded60e6b84cc16b7f17a34a8848ddcb167872f2f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54305
x-xss-protection
0
server
cafe
etag
12839569269929905825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 04 Dec 2021 11:59:20 GMT
style.css
popup.popupsmart.com/builds/build_25204/ 		236 B
626 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://popup.popupsmart.com/builds/build_25204/style.css?hash=e7cc0f452ac0b43ddf35164357251d9b
Requested by
Host: apiv2.popupsmart.com
URL: https://apiv2.popupsmart.com/api/Bundle/script-loader/375036?Referer=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7a00:a:ed23:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
028621c3ea8c2331f0f93a31f02f6dd2d88c8402592349580162db6289688bf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
TqsCAmrPvGp39AiUwnB7ry237DtqPRqc
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified
Mon, 22 Nov 2021 15:36:33 GMT
server
AmazonS3
age
462
etag
"83ad5b214c5cdf457722fb24eaca1349"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=1440
date
Sat, 04 Dec 2021 11:54:52 GMT
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-length
236
x-amz-cf-id
sBQWfl-ltbkmJ8g4ae2jokpCIGhBEahs14xNeLLXDpXQ0HsTZJiAzQ==
bundle.js
popup.popupsmart.com/builds/build_25204/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popup.popupsmart.com/builds/build_25204/bundle.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Requested by
Host: apiv2.popupsmart.com
URL: https://apiv2.popupsmart.com/api/Bundle/script-loader/375036?Referer=https%3A%2F%2Ftippinsights.com%2Fnewsletter-sign-up%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7a00:a:ed23:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14a9b79cf589d32ecd992ce42c2b53688c053b600029a60f1bbd4bfdb91a3f19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
xC_IPXTc8f6sA_INTGZs3xxQwUx_BdRe
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 15:36:33 GMT
server
AmazonS3
age
462
etag
W/"fdac930b77269aee5b93c6c541a8c7ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
public, max-age=1440
date
Sat, 04 Dec 2021 11:54:52 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
aJAkIFcrPNpwo1M4DO0nW4satAwQSue7EDZl3K8fUoChL4RPFJUefA==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=tippinsights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=tippinsights.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame ADC1 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 03 Dec 2021 21:27:26 GMT
expires
Fri, 17 Dec 2021 21:27:26 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
52314
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
main.dce197cf.chunk.js
popup.popupsmart.com/builds/build_25204/static/js/ 		66 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popup.popupsmart.com/builds/build_25204/static/js/main.dce197cf.chunk.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Requested by
Host: popup.popupsmart.com
URL: https://popup.popupsmart.com/builds/build_25204/bundle.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7a00:a:ed23:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dab265443a13a7f64387a87d401de5ca5a58ed370de3edabeb8d6075f006166a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
aNW2FZOo3y3Y9M2DF0ZnkulW9i3eS5AV
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 15:36:33 GMT
server
AmazonS3
age
461
etag
W/"ad52a9eb3ef3211ddf20e9430ce706ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
public, max-age=1440
date
Sat, 04 Dec 2021 11:54:52 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
4tr2AhoUQJHdBhiDNYGH7V-d1nHDPPAGAQabfzZmPIrcx7rrq12pqw==
2.d27969da.chunk.js
popup.popupsmart.com/builds/build_25204/static/js/ 		619 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://popup.popupsmart.com/builds/build_25204/static/js/2.d27969da.chunk.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Requested by
Host: popup.popupsmart.com
URL: https://popup.popupsmart.com/builds/build_25204/bundle.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:7a00:a:ed23:2900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a13f2e54a9ce3982f09b00e88090346e0c51b69b87f8a406344d86300dd495e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
rbfl_4PcGGn3OAAnDWr2JbKqd35hy_5I
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 15:36:33 GMT
server
AmazonS3
age
462
etag
W/"96387f4aa4b5658c4914fb7d0471d72b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
cache-control
public, max-age=1440
date
Sat, 04 Dec 2021 11:51:39 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
W8xpwg-2mG3Mw2fNzJrFJSwk0TuQEXiT3NT17r49jxhjKapyaPZoAw==
css
fonts.googleapis.com/ 		41 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,300i,400,400i,600,600i,700,700i,800,800i|Montserrat:300,300i,400,400i,600,600i,700,700i,800,800i|Heebo:300,300i,400,400i,600,600i,700,700i,800,800i|Archivo+Narrow:300,300i,400,400i,600,600i,700,700i,800,800i&amp;display=swap&amp;subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese?hash=e7cc0f452ac0b43ddf35164357251d9b
Requested by
Host: popup.popupsmart.com
URL: https://popup.popupsmart.com/builds/build_25204/bundle.js?hash=e7cc0f452ac0b43ddf35164357251d9b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e8292420df43e250bdac8e6327b2d4b8cda79c226b33cfa8c7c6e7cb0f7875dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 11:59:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 11:59:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 11:59:20 GMT
css2
fonts.googleapis.com/ Frame ADC1 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 11:41:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 11:59:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 11:59:20 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ADC1 		205 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 13:34:25 GMT
x-content-type-options
nosniff
age
80695
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 03 Dec 2022 13:34:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame ADC1 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 16:42:48 GMT
x-content-type-options
nosniff
age
69392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 03 Dec 2022 16:42:48 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/ Frame ADC1 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:55:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8210
x-xss-protection
0
server
cafe
etag
6499249944067270656
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 11:55:21 GMT
css
fonts.googleapis.com/ Frame F143 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 04 Dec 2021 11:36:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 04 Dec 2021 11:59:20 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Dec 2021 11:59:20 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F143 		1 KB
960 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:29:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 11:29:57 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame F143 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:21:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2260
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 11:21:40 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F143 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 11:05:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F143 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Dec 2021 11:59:20 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F143 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 18 Dec 2021 11:06:27 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame F143 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 16:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589069
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 16:21:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env
Requested by
Host: unpkg.com
URL: https://unpkg.com/@tryghost/portal@~1.12.0/umd/portal.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d09afff2d36d853b2eb51a466bd5ffe0dea428eacc2adfa38a555c6a09c9e6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 04 Dec 2021 11:59:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8619
x-xss-protection
0
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 1712 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tippinsights.com
URL: https://tippinsights.com/newsletter-sign-up/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:26:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
333165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:26:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2418753237951341&plah=tippinsights.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 11:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 04 Dec 2021 11:59:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E8C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Sat, 04 Dec 2021 10:57:16 GMT
expires
Sun, 04 Dec 2022 10:57:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3725
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 2C3B 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69fe6104ea10368fa4d853913d7c42b0a2196e55a17142ed51406c81c98e77ba
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AnnBB2DiZL5DeQYKiuYMvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 04 Dec 2021 11:59:21 GMT
date
Sat, 04 Dec 2021 11:59:21 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AnnBB2DiZL5DeQYKiuYMvg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dark-logo.png
tippinsights.com/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tippinsights.com/assets/dark-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
235a566a79e6f9fa378ccf0b4b0f6d85e4243f15f883e99b16a81e9db6aa3f6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:21 GMT
via
1.1 varnish, 1.1 varnish
age
245
x-cache
HIT, HIT
status
200 OK
content-length
2482
ghost-fastly
true
x-request-id
7556ce096e311c0dab435a0453eddba5, 7556ce096e311c0dab435a0453eddba5
x-served-by
cache-ams21027-AMS, cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Tue, 05 Oct 2021 10:37:14 GMT
server
openresty
x-timer
S1638619161.114437,VS0,VE0
etag
W/"9b2-17c50076460"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 2
4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
pagead2.googlesyndication.com/bg/ Frame 8E8C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4Sfc45HFswufgCf8fQCX22Ys6cavju9jIH_-ShQytV0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:26:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
333166
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13379
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 30 Nov 2022 15:26:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2C3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=1480396401172658&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=1480396401172658&bg=!7-yl7KjNAAaQHwIOkB87ACkAdvg8WgHwngV1GzR6Cne7y1lUh7N3ywuQiv4KCqomBobArPNq95HUNQIAAABSUgAAAAdoAQcKAD2CNoHf8kgc-nXgVZzIIBuanqxffe-ob8AOJGWfMRANOIt6wxVh2yg2Z0A5VsLdANB6I7f0Nwk4jVZbWkM9mQKnY3ooQQlhKHxDy97N8dXNEa8GxemJX-pSc5Nd0W1xSRdBzz-iF_8oljB4uhmnb1cdCMy4EJhM1vCRA1VzgF5SFifgccwuEkCJOTMVMmfXv0kB8wE02yTD6JkdvsI1nVnbexz3NKtiTU9KyvedQzfGKrm8KCh5GOfrPC9YWSG_uAn6OEaLPYS5P-Q924qomS20JIDRIEHX51kiVhwNUAAQKkL3lqWCVfFUxY96Z0Ki9nEKOHuK0eKuoHxcudtcF8elUhbkBs9Fe0M05fn2_Px1phclqtNZ5sLNY6RzdiZbUgk__4g8qFlYQFabJttZTz3UruLj9GylLbeQu157yMPJySa34nY-AxX1dbgbRnCBmz9YWeXsbJ5TXft40ZKPDy8tianjs5MZLghmh-HjgmxzfoNdFPHGHxUy7DullAEhW9mjjque6bpxEKvjxI4hHAelmtWHxLFanR5d-UZ5cb2claTmR2qMRcr_pcnqobfIv-K-TtSr_PnNuyvZKNtvaxoz9plghCVQTR1DL-_xL3Zjio8iRHFanP1n0Xc-ckGZCyWtv6yzRNQn1Br5YQhKb92Q3wsAJzPsw8rkJ5QMGEGacItsTBKefny_ra6H8vI7N_ICcxgDdvk-lLrHDDZcXt6zkURR4iw32HEWwSjs5Kh6QXDNVjaelf3uM8iJ5Kl0rYUhY8EClH7VXgFKsiyJ37LsjZRZHJFdfz7e3DbVbYiDLM5reMQVPZF-51NmfhbILyrwXbQVQZYjWvgjFEPh6YkY8MDbvJq_ai78PxtIQkCwoinfeOUx11gQ-YRCAyvO5p_EMYSgBRxBjsTV7TGcJgozCtuTEe60aP-em1kPeELM0bLTLVIO3Xs1CV3Cx4kgRmyGCV5dgW25CbLlMrNbu_4g1tbbRrLTvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Dec 2021 11:59:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dark-logo.png
tippinsights.com/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tippinsights.com/assets/dark-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
235a566a79e6f9fa378ccf0b4b0f6d85e4243f15f883e99b16a81e9db6aa3f6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tippinsights.com/newsletter-sign-up/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

ghost-age
0
date
Sat, 04 Dec 2021 11:59:21 GMT
via
1.1 varnish, 1.1 varnish
age
245
x-cache
HIT, HIT
status
200 OK
content-length
2482
ghost-fastly
true
x-request-id
7556ce096e311c0dab435a0453eddba5, 7556ce096e311c0dab435a0453eddba5
x-served-by
cache-ams21027-AMS, cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Tue, 05 Oct 2021 10:37:14 GMT
server
openresty
x-timer
S1638619161.312952,VS0,VE0
etag
W/"9b2-17c50076460"
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
x-cache-hits
1, 3

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| user_color_scheme function| initial_mode_set string| site_url string| pagination_next_page_number string| pagination_available_pages_number string| pagination_loading_text string| pagination_more_posts_text string| clipboard_copied_text string| search_api_key object| __webpackStripeJSv3Jsonp function| Stripe object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async string| google_user_agent_client_hint object| _momently_opt function| google_spfd number| google_unique_id object| google_sv_map object| _self object| Prism function| $ function| jQuery object| dragscroll object| lazySizes function| Headroom function| ClipboardJS function| lunr object| regeneratorRuntime object| __SENTRY__ string| coveUrl string| css object| customCss string| spinnerSvg string| reactionIcon function| getParameterByName object| coveAction boolean| coveExists undefined| commentForm undefined| nameInput undefined| commentInput undefined| commentBlock undefined| commentsCount undefined| replyInput undefined| cancelLink undefined| commentTemplate undefined| hasReactions undefined| reactionTypes undefined| newMessageAlert undefined| showBranding undefined| strings object| container object| coveCommentCount object| loadingMessage boolean| cannotComment object| scriptWithPub undefined| publicationId function| getComments function| getStrings function| listenForReplies function| listenForLikes function| listenForReactions function| coveInit function| addForm function| addComment function| showReactions function| submitComment function| getCommentHTML function| activateReply function| checkVisible function| cancelReply function| removeCancelLink function| toggleLike function| submitReaction undefined| loginForm function| adjustTextarea function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| _mnt_callback_json1 object| MOMENTLY boolean| popup_smart_bundle_loaded object| google_llp boolean| popupsmartVerification375036 object| popupsmartDebugLog object| popupsmartLog object| psMetaData number| totalScriptCount object| triggerParameters number| loadedScriptsCount function| triggerPopup25204 function| onLoadScripts function| onPopupSmartInteraction string| popupSmartHash number| google_lpabyc object| p object| importedChunk object| importedMain object| style object| webpackJsonpmy-app-25204 object| __core-js_shared__ object| ReactDOM function| Base object| popupSmartData function| showPopupSmart25204 object| googletag object| GoogleGcLKhOms

10 Cookies

Domain/Path Name / Value
tippinsights.com/ Name: mnt_2._vr_3
Value: 2%3B%3B%3B
.tippinsights.com/ Name: __gads
Value: ID=c706830f305e73f3-222b17583ccc0064:T=1638619159:RT=1638619159:S=ALNI_MYpXxD_WozSWo0a0d8Ok93c7Yl8XQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
tippinsights.com/ Name: popupsmart_25204_visit_count
Value: 1
tippinsights.com/ Name: popupsmart_25204_session_popup_display_count
Value: 0
tippinsights.com/ Name: popupsmart_25204_popup_display_count
Value: 0
tippinsights.com/ Name: popupsmart_25204_popup_clicked_close
Value: false
m.stripe.com/ Name: m
Value: c70db638-4a86-4f8f-9ce4-40fe71f3125ef3855a
.tippinsights.com/ Name: __stripe_mid
Value: 6fb78379-bebb-42a3-8275-b3b0f9e75fb846b8b4
.tippinsights.com/ Name: __stripe_sid
Value: 7cc4f874-3a2a-4b65-a38e-bf1fc7035ec081ed7d

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' 'sha256-Qj6AdMOUjZkBBUTjGW/OORBoqx2Pohcq8Bg/ZvZzgYw='".
network error URL: https://ping.momently.com/i?a=hrtR2wA_AR0&h=tippinsights.com&v=2&l=1&r=&x=%2Fnewsletter-sign-up%2F&n=&f=1&pc=1&al=tippinsights.com%2Fnewsletter-sign-up%2F&ti=tippinsights%20newsletter%20sign-up&au=raghavan%20mayur&pu=1626981517000&i=bS000&callback=_mnt_callback_json1
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
apiv2.popupsmart.com
cdn.cove.chat
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
o55869.ingest.sentry.io
pagead2.googlesyndication.com
partner.googleadservices.com
ping.momently.com
popup.popupsmart.com
q.stripe.com
s3-us-west-2.amazonaws.com
tippinsights.com
tpc.googlesyndication.com
unpkg.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
18.66.122.63
205.185.216.10
2600:9000:223e:9400:19:7d10:bd80:93a1
2600:9000:223f:7a00:a:ed23:2900:93a1
2606:4700::6810:7daf
2a00:1450:4001:802::200a
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a04:4e42:400::775
3.16.208.74
34.120.195.249
52.218.224.160
52.34.33.103
52.40.8.68
54.187.119.242
028621c3ea8c2331f0f93a31f02f6dd2d88c8402592349580162db6289688bf6
0a13f2e54a9ce3982f09b00e88090346e0c51b69b87f8a406344d86300dd495e
14a9b79cf589d32ecd992ce42c2b53688c053b600029a60f1bbd4bfdb91a3f19
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
1969520bd7b0ea7b84b1cbdda4a8ae93c321abe6eaeff82b5fa496680bf88a0f
1d71682fbb31fc64ba19097a9eb389593ba1bf9f9f913bef6eaf563eb08c2a7a
235a566a79e6f9fa378ccf0b4b0f6d85e4243f15f883e99b16a81e9db6aa3f6a
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3ed1f78a1ee89c913a730637376afbd17148beec7eca98ed43e46713bb585898
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
54b66ed85a468f4adbaf047ded60e6b84cc16b7f17a34a8848ddcb167872f2f4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d37170f7f3eb8083716eedbb23a080f7aa35b0231265ee3db3b9bbc8901295
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
69fe6104ea10368fa4d853913d7c42b0a2196e55a17142ed51406c81c98e77ba
6b5402ff8932ed835d39a31b75c6bc737a80f6ddcd6269a1fa53556485ca3ad8
6f6fb4a5ed73890ce881e4b94a3e971684a44fdead6c1c2a45b31e96ab32de4a
7e007847a3125830b2969a510b3a5644b50674ac363ada13b010f4958578d0c7
8175b17ffc5c63114ff9a4fd97f2a3985370ccc30c0da2f6fe2072963a3ccc37
8566e9be89ad07c653515a7f45ca8911d4025e949a30520c79fc38a55e51c57e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8b2d6951fd8d7662fc81a64b6097d1ffe243496541874027510bba3886a28af7
938e293eebbb198ed6d10cb5edc251c8dd409e9f0ca188e217014b7c5c8d8688
9c8595793cd0d206f989d7696201cfdc6b3d397998fe7585107aa787bd9215bf
a2f6b81396ab1150effea054efbf1623212ea0419976389ce8f10e909d39e4c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acdc8f60059cbf557957869f544dce756689a499c506856522204b3ea06be8c7
b2ba27fd64bafe0920d732bcd4ebb29c7d3b3c0632ef48b81428f3d7615f7895
b37d1cf7356d2ce36c1ff7b42e8fbb22f2395582335e5cddf139021bb16b32eb
b37e4f26189e1807d5c805858d9b17b1b0714692ea79f200ba03d5b5427568eb
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
c9a4026ca78a5832ff1a01961a38a2d8d79106ad32ee9a3224f6d4ebce6649c4
cbbe06e18c3eb0ec17fe40675d45e6cf1a3538b55db916ac22bda88aed5ed979
d09afff2d36d853b2eb51a466bd5ffe0dea428eacc2adfa38a555c6a09c9e6ab
d85aed1b48336cc593bb3ee87d14ad075aaf3a21c7662e8cff18548b31599c74
dab265443a13a7f64387a87d401de5ca5a58ed370de3edabeb8d6075f006166a
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e033ed3fec2e9e76316ffc2093e99190e3ee9eb0d1878f3df62507a4ae7d2da7
e127dce391c5b30b9f8027fc7d0097db662ce9c6af8eef63207ffe4a1432b55d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cfd597c8fda98c92ce7455b8f94a45cccedd33140e457ffde72814656d4cbb
e43fb276675c4652a88a39ba7e377e9a1bb1ad51ff639316fec460ff0029a758
e8292420df43e250bdac8e6327b2d4b8cda79c226b33cfa8c7c6e7cb0f7875dd
ed34a59f182c66e2b25c602f3c9b0f21435a8f475d5dbc9e6830ff4c7929f5cd
edbe6638b2b1477d40ada3f1c8865c3c41a30ccb4483979fd3ca6775ed015fcd
ee1587827df19a3876f95e9265a9630fca889b1127cc222c12f6556485137fea
f830f39c7a89c48d6ba7d3ed8a084578bfc40e453d22b34b819cd1b6a51944a2