secure.cdunsigned.com Open in urlscan Pro
2606:4700:3037::681f:463d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.cdunsigned.com/
Submission: On September 30 via automatic, source certstream-suspicious (September 30th 2020, 3:23:52 am UTC)

Summary HTTP 59 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 59 HTTP transactions. The main IP is 2606:4700:3037::681f:463d, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.cdunsigned.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 19th 2020. Valid for: a year.

This is the only time secure.cdunsigned.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3037::681f:463d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
9	2600:9000:21f... 2600:9000:21f3:b000:3:c04e:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:e600:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	18.195.43.194 18.195.43.194	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
59	13

24 2606:4700:3037::681f:463d (United States)

ASN13335 (CLOUDFLARENET, US)

secure.cdunsigned.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:21f3:b000:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:e600:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.43.194 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-43-194.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	cdunsigned.com secure.cdunsigned.com	478 KB
11	sharethis.com ws.sharethis.com l.sharethis.com	51 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	176 KB
6	google.com apis.google.com adservice.google.com accounts.google.com	103 KB
5	doubleclick.net googleads.g.doubleclick.net
2	google-analytics.com ssl.google-analytics.com	17 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	google.de adservice.google.de	168 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googleapis.com ajax.googleapis.com	32 KB
59	10

	Domain	Requested by
24	secure.cdunsigned.com	secure.cdunsigned.com
9	ws.sharethis.com	secure.cdunsigned.com ws.sharethis.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
5	pagead2.googlesyndication.com	secure.cdunsigned.com pagead2.googlesyndication.com
4	apis.google.com	ws.sharethis.com apis.google.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	l.sharethis.com	ws.sharethis.com secure.cdunsigned.com
2	ssl.google-analytics.com	secure.cdunsigned.com
1	accounts.google.com	apis.google.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	ajax.googleapis.com	secure.cdunsigned.com
59	14

This site contains links to these domains. Also see Links.

Domain
www.cdunsigned.com
www.facebook.com
twitter.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-19` - `2021-07-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://secure.cdunsigned.com/
Frame ID: 681908D913B69141A9192CB8AC40F876
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html
Frame ID: E4CC85A1555C9E413C7E55B2662C2967
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: F5EDBD6BD1CE993CFC4F5A219CC5D6AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&w=468&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214206&bpp=15&bdt=187&idt=89&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3870765975709&frm=20&pv=2&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=576168&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bELgeRFmBQ&p=https%3A//secure.cdunsigned.com&dtd=117
Frame ID: D0281B87EB42390595146DC125A866F8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&w=728&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214229&bpp=2&bdt=210&idt=107&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gt2c1szldx&p=https%3A//secure.cdunsigned.com&dtd=110
Frame ID: BD707F03B20C349A93ABB6BB8FB0F47F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&w=120&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214240&bpp=1&bdt=222&idt=120&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q1O48e9UYH&p=https%3A//secure.cdunsigned.com&dtd=123
Frame ID: 68C83B7A1B260C455D3D00204A149465
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 8B941FB2E71EAE20A3B6B7EB51A1389F
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
Frame ID: 1DC7C7A3ABC07F0A46E9DC6F001AF8AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1601436214&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601436214812&bpp=1&bdt=793&idt=2&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=2181614248&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H8T_-MV6vOgl16qERiYHuB7crAxyhfk69V7T6RoHspKFmqiVzOjSQ&pvsid=4047699259642629&pem=426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 70C2A340A976B6BB4E899051EA74809F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 1796083BE0AA4BF11526FFA6A2075700
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: DE9D8DA7FDF497451923909B00A382EE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\/pagead\/show_ads\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

59
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

885 kB
Transfer

1808 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cdunsigned.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CDUnsigned

Search URL Search Domain Scan URL

URL: https://twitter.com/cdunsigned

Search URL Search Domain Scan URL

URL: https://plus.google.com/107601662321981258688/posts

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
secure.cdunsigned.com/ 34 KB
8 KB 123ms
94ms Document
text/html 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27138ea2fc2f458792e57948d907c28790c819f844bc8478f18ceabfcfeb8cd6

Request headers

:method: GET
:authority: secure.cdunsigned.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 30 Sep 2020 03:23:34 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dd2e02289ee0b1b1ba99a61ed700f9db21601436213; expires=Fri, 30-Oct-20 03:23:33 GMT; path=/; domain=.cdunsigned.com; HttpOnly; SameSite=Lax
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cf-cache-status: DYNAMIC
cf-request-id: 057ea27aa5000006055802d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 5daad3710dd40605-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 532596eda4_1580414914.css
secure.cdunsigned.com/ccss/ 14 KB
4 KB 92ms
91ms Stylesheet
text/css 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70979fad625ab9090cde420d3e142628aeede9ec487315594f56492562b27361

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057ea27b090000060558035200000001
last-modified: Thu, 30 Jan 2020 20:08:34 GMT
server: cloudflare
etag: W/"5e3337c2-3755"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 5daad371aee20605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
32 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 01:36:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6416
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Sep 2021 01:36:38 GMT

GET
H2 200 1e5da0f2da_1580414914.js Show response
secure.cdunsigned.com/cjs/ 200 KB
48 KB 156ms
156ms Script
application/javascript 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdunsigned.com/cjs/1e5da0f2da_1580414914.js
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7f619c5be91f7b36a157fdedeb8d343f23a838fd2aee4d8f39fae802f90994e

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 057ea27b090000060558036200000001
last-modified: Thu, 30 Jan 2020 20:08:34 GMT
server: cloudflare
etag: W/"5e3337c2-31ee2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 5daad371aee50605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 cdu-logo-trans.png
secure.cdunsigned.com/img/ 34 KB
34 KB 115ms
115ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/cdu-logo-trans.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dab5441fc5ea9439d17f4adc60e14e65f0c0597598cff7f56802a44d6ee9a0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34802
cf-request-id: 057ea27b97000006055803d200000001
last-modified: Fri, 18 Apr 2014 10:49:20 GMT
server: cloudflare
etag: "53510330-87f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad3728feb0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 90 KB
32 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e819c3010c37b5f88d7ac407263e148963d654b78111aa7b45f90370fabdb23d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 32368
x-xss-protection: 0
server: cafe
etag: 12151818210767606446
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H2 200 jarek-adam-w-pawel-brzozowski-contemporary-polish-village-music.jpg
secure.cdunsigned.com/img/covers/ 17 KB
17 KB 136ms
136ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/jarek-adam-w-pawel-brzozowski-contemporary-polish-village-music.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1110d6224007a5660337e34cb8db539ca7f7d6cbe48c29f705e59ab587ac77c

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16927
cf-request-id: 057ea27bab0000060558040200000001
last-modified: Mon, 15 Apr 2013 10:41:10 GMT
server: cloudflare
etag: "516bd946-421f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372a81d0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 kevin-davies-playing-in-cloud.jpg
secure.cdunsigned.com/img/covers/ 13 KB
13 KB 115ms
111ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/kevin-davies-playing-in-cloud.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fcb28b6caedb89690a8929fc3ed35df1d6cd28559991dc6eb8c3763878711ac

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13094
cf-request-id: 057ea27bb60000060558041200000001
last-modified: Mon, 15 Apr 2013 10:41:30 GMT
server: cloudflare
etag: "516bd95a-3326"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8340605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 viktor-mastoridis-journey-vol-4-calm.jpg
secure.cdunsigned.com/img/covers/ 11 KB
11 KB 138ms
135ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/viktor-mastoridis-journey-vol-4-calm.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ebfb3d9229f342c2c07ffcfb491572286ccd4da9adea460a76f2f66865acf7

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11161
cf-request-id: 057ea27bb60000060558042200000001
last-modified: Mon, 15 Apr 2013 10:44:33 GMT
server: cloudflare
etag: "516bda11-2b99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8350605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 madison-mckoy-10th-child.jpg
secure.cdunsigned.com/img/covers/ 16 KB
17 KB 148ms
145ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/madison-mckoy-10th-child.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 038d8aa9fa1a952aec7c8e38ac0cbb3e460ebbcc2838b36ebea534556ee95f87

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16888
cf-request-id: 057ea27bb60000060558043200000001
last-modified: Mon, 15 Apr 2013 10:42:12 GMT
server: cloudflare
etag: "516bd984-41f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8370605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 nick-stubbs-acoustic-nights.jpg
secure.cdunsigned.com/img/covers/ 5 KB
5 KB 149ms
146ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/nick-stubbs-acoustic-nights.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bafc27cf997ceee51c6cf602c1ad80fe72f52e723f09248771b95b7a3a43bda

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4731
cf-request-id: 057ea27bb60000060558044200000001
last-modified: Mon, 15 Apr 2013 10:42:34 GMT
server: cloudflare
etag: "516bd99a-127b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8380605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 nicky-taylor-absolution.jpg
secure.cdunsigned.com/img/covers/ 10 KB
10 KB 176ms
172ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/nicky-taylor-absolution.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3bced731551742c6650ab334aa71a77b940d7f2a20996d1eefc6bba4cebbb59

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10285
cf-request-id: 057ea27bb70000060558045200000001
last-modified: Mon, 15 Apr 2013 10:42:34 GMT
server: cloudflare
etag: "516bd99a-282d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83a0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 the-love-family-when-time-meant-nothing-ep.jpg
secure.cdunsigned.com/img/covers/ 8 KB
9 KB 130ms
128ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/the-love-family-when-time-meant-nothing-ep.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d12a7e9f88ce45449a2a4440423d08040d82f64657851548b5acda1645e964

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8635
cf-request-id: 057ea27bb70000060558046200000001
last-modified: Fri, 21 Oct 2016 13:01:20 GMT
server: cloudflare
etag: "580a11a0-21bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83b0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 mark-james-and-the-technicolor-vibe-dangerous-guitars.jpg
secure.cdunsigned.com/img/covers/ 18 KB
18 KB 167ms
164ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/mark-james-and-the-technicolor-vibe-dangerous-guitars.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf1e3a4f47f40b7876c800629857888c841908c2234b7880ea8544c1e418ac3b

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18373
cf-request-id: 057ea27bb70000060558047200000001
last-modified: Sat, 03 Sep 2016 10:56:14 GMT
server: cloudflare
etag: "57caac4e-47c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83c0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 atomised-virtual-strangers.jpg
secure.cdunsigned.com/img/covers/ 16 KB
16 KB 166ms
163ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/atomised-virtual-strangers.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 692cc545d8abe00deae378bc460f9f73a7f454a49b49eba5db420e883bd75fd7

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15939
cf-request-id: 057ea27bb70000060558048200000001
last-modified: Fri, 03 Jun 2016 11:03:31 GMT
server: cloudflare
etag: "57516403-3e43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83d0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 helder-oliveira-for-eternity.jpg
secure.cdunsigned.com/img/covers/ 7 KB
7 KB 134ms
132ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/helder-oliveira-for-eternity.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec9d7dfdd93ec3dd995676f9434b93a57bacbbb71de3e1695b995d79beb5389

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7147
cf-request-id: 057ea27bb70000060558049200000001
last-modified: Mon, 15 Feb 2016 14:58:17 GMT
server: cloudflare
etag: "56c1e789-1beb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83e0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 annmarie-litany-of-the-saints.jpg
secure.cdunsigned.com/img/covers/ 15 KB
15 KB 169ms
166ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/annmarie-litany-of-the-saints.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc648acf97525822df35fbef5c84bf45c870082f2be7e790b4789c071413241

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15635
cf-request-id: 057ea27bb7000006055804a200000001
last-modified: Tue, 02 Feb 2016 14:17:06 GMT
server: cloudflare
etag: "56b0ba62-3d13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b83f0605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 annmarie-I-love-you-more.jpg
secure.cdunsigned.com/img/covers/ 15 KB
15 KB 149ms
146ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/covers/annmarie-I-love-you-more.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca079c3a95bfe4df7e1111b2594135611b3baf70e44feb546066e77081ee78f4

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14955
cf-request-id: 057ea27bb7000006055804b200000001
last-modified: Tue, 26 Jan 2016 13:42:26 GMT
server: cloudflare
etag: "56a777c2-3a6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8410605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 find_us_on_facebook.png
secure.cdunsigned.com/img/ 2 KB
2 KB 136ms
134ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/find_us_on_facebook.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabffb648b42883485ff2f5adaa6ce307dd24e522b3bf071965450309ab7441b

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2434
cf-request-id: 057ea27bb7000006055804c200000001
last-modified: Tue, 13 Mar 2012 11:59:47 GMT
server: cloudflare
etag: "4f5f36b3-982"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8420605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 follow_us_on_twitter.png
secure.cdunsigned.com/img/ 6 KB
6 KB 131ms
129ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/follow_us_on_twitter.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33a282f8dbd6fb2323f2f4d7d292d83da258dcec485a0ea4cc09880dc45fbbe3

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5860
cf-request-id: 057ea27bb7000006055804d200000001
last-modified: Tue, 13 Mar 2012 11:59:47 GMT
server: cloudflare
etag: "4f5f36b3-16e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8440605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 google_plus.png
secure.cdunsigned.com/img/ 2 KB
3 KB 176ms
174ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/google_plus.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99d513ae70dac6c99271d5bf99733a1f70849d0623635d21d547d5294cb18360

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2526
cf-request-id: 057ea27bb7000006055804e200000001
last-modified: Tue, 13 Mar 2012 11:59:47 GMT
server: cloudflare
etag: "4f5f36b3-9de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8450605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 payment_methods.png
secure.cdunsigned.com/img/ 6 KB
6 KB 175ms
173ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/payment_methods.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95ea6ecff0826b3cf6570d40a2e3ceff6dea46e113f36a8866bb1fa85b4ad47a

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6018
cf-request-id: 057ea27bb7000006055804f200000001
last-modified: Tue, 13 Mar 2012 11:59:47 GMT
server: cloudflare
etag: "4f5f36b3-1782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8460605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 buttons.js Show response
ws.sharethis.com/button/ 58 KB
16 KB 22ms
7ms Script
application/javascript 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 866113fd529be92a3f46b7f293cffd7dcb9774201814d0f1b54f6b4699a75999

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 09:02:52 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 238842
etag: W/"5f4b0a12-e78c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: zxMDoyVBvecpb563-cP2psdv5j8pI-MBQntL7lJDlcIR602lLBWqbQ==
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
expires: Wed, 30 Sep 2020 09:02:52 GMT

GET
H2 200 background.jpg
secure.cdunsigned.com/img/ 208 KB
208 KB 186ms
185ms Image
image/jpeg 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/background.jpg
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1952d458dad1b2a0cc515456b0091e0eef0e3f4f468d3942c039db25bad4724

Request headers

Referer: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 213075
cf-request-id: 057ea27bb70000060558050200000001
last-modified: Mon, 15 Apr 2013 10:49:14 GMT
server: cloudflare
etag: "516bdb2a-34053"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372b8470605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 button-blue.png
secure.cdunsigned.com/img/ 5 KB
6 KB 189ms
189ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/button-blue.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed3de4f3ca1518e886b165199e2654f0c0cddaecae636240c037b3fd398aa1c7

Request headers

Referer: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5535
cf-request-id: 057ea27bbb0000060558051200000001
last-modified: Mon, 15 Apr 2013 10:49:14 GMT
server: cloudflare
etag: "516bdb2a-159f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad372c8520605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/ 229 KB
87 KB 49ms
35ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87867
x-xss-protection: 0
server: cafe
etag: 4255136095123681698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/ Frame E4CC 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200924/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200924/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 29 Sep 2020 19:38:57 GMT
expires: Tue, 13 Oct 2020 19:38:57 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 27877
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 async-buttons.js Show response
ws.sharethis.com/button/ 89 KB
19 KB 7ms
7ms Script
application/javascript 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c406af0328ee20c44f251a61d22901ee28e68cc2bbe3f1c7ea06072c7d68b266

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 27 Sep 2020 11:36:20 GMT
content-encoding: gzip
server: nginx/1.16.1
age: 229634
etag: W/"5f4b0a52-162e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=259200
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
x-amz-cf-id: fJZreMm7cFfU8WuGz-UmAKxLnjokC7VVQ2xNhnB04zc0fZzH8Ar4dA==
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
expires: Wed, 30 Sep 2020 11:36:20 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:819::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3933
date: Wed, 30 Sep 2020 02:18:01 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 30 Sep 2020 04:18:01 GMT

GET
H2 200 back-to-top-arrow.png
secure.cdunsigned.com/img/ 796 B
984 B 147ms
147ms Image
image/png 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/back-to-top-arrow.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8945dbe7882b2378f00eced866866c9a3d1f1842f9e94cefbd8b450b7c0ec37d

Request headers

Referer: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 796
cf-request-id: 057ea27bea0000060558053200000001
last-modified: Fri, 18 Apr 2014 10:49:20 GMT
server: cloudflare
etag: "53510330-31c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad37318b80605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 menu_arrow.gif
secure.cdunsigned.com/img/ 61 B
473 B 135ms
135ms Image
image/gif 2606:4700:3037::681f:463d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.cdunsigned.com/img/menu_arrow.gif
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::681f:463d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6364ce957ac0a42c9313de0c28ceb815ed22e36d5f71eb123d6d791eb539dddf

Request headers

Referer: https://secure.cdunsigned.com/ccss/532596eda4_1580414914.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61
cf-request-id: 057ea27bf00000060558054200000001
last-modified: Mon, 15 Apr 2013 10:49:14 GMT
server: cloudflare
etag: "516bdb2a-3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1601436214"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 5daad37318c00605-FRA
expires: Fri, 30 Oct 2020 03:23:34 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame F5ED 0
0 21ms
6ms Document
text/html 2600:9000:2156:e600:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e600:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Wed, 26 Aug 2020 05:25:30 GMT
date: Wed, 30 Sep 2020 02:48:45 GMT
cache-control: max-age=3600, public
etag: W/"83a-174293a7110"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: QzNDWC9tRwtgyDXXw9Hu1lTsYgSEQKxNLT-BvSt7jvy9GSboBSHiHg==
age: 2089

GET
H2 200 buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 6ms
6ms Stylesheet
text/css 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 29 Sep 2020 06:25:34 GMT
content-encoding: gzip
last-modified: Sun, 30 Aug 2020 02:09:22 GMT
server: nginx/1.16.1
age: 75480
etag: W/"5f4b0a52-5a76"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
content-length: 3851
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-id: CO2NDoRKeOmrWBmgS5XqMZRvE-9mHakQwCrDwKOi2igvdJdBvbfZiA==

GET
H2 200 plusone.js Show response
apis.google.com/js/ 49 KB
20 KB 51ms
30ms Script
application/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9+4h2Hujn/hlKuYDaGoyhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
etag: "9d5cd1be658ea5e8c43387860482a354"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-9+4h2Hujn/hlKuYDaGoyhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H2 200 facebook_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 8ms
6ms Image
image/png 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 30 Aug 2020 20:18:25 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 2617509
etag: "5f4b0a0d-977"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2423
x-amz-cf-id: S1JUS-VJEZKrHOOk66SPRt-HeLPZqtl42ZNTutKx7H8BP_DczSW00w==
expires: Mon, 30 Aug 2021 20:18:25 GMT

GET
H2 200 twitter_counter.png
ws.sharethis.com/images/2017/ 2 KB
3 KB 8ms
7ms Image
image/png 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_counter.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 14:12:46 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 1861848
etag: "5f4b0a0d-9ae"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
x-robots-tag: noindex, nofollow
content-length: 2478
x-amz-cf-id: EzMYxzR-S1GKXYONq9cdzU-9mCLR5NpcjBtbqix9qQcVZuOjePiLlw==
expires: Wed, 08 Sep 2021 14:12:46 GMT

GET
H2 200 email_counter.png
ws.sharethis.com/images/2017/ 2 KB
2 KB 8ms
7ms Image
image/png 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/email_counter.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: af6c4b21f7b4a51cf290db1dc17ff613cd7db54e14574587bebb6b9cf2a2082d

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 19 Sep 2020 00:25:14 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 961100
etag: "5f4b0a0d-741"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1857
x-amz-cf-id: Ewv6xt77rAQbNVozPWJ5UonAo1JuztavoW8om1Nm1l1KXtnCMUHW-g==
expires: Sun, 19 Sep 2021 00:25:14 GMT

GET
H2 200 sharethis_counter.png
ws.sharethis.com/images/2017/ 3 KB
3 KB 8ms
8ms Image
image/png 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/sharethis_counter.png
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Sep 2020 04:09:16 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 2330058
etag: "5f4b0a0d-a58"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 2648
x-amz-cf-id: wS5IIaW0egT21Kp7ORKMupHfdVosma2E6sx4feDhoO8ADvTw8i4J8Q==
expires: Fri, 03 Sep 2021 04:09:16 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
386 B 35ms
20ms Image
image/gif 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2003472613&utmhn=secure.cdunsigned.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&utmhid=645314041&utmr=-&utmp=%2F&utmht=1601436214283&utmac=UA-22407169-1&utmcc=__utma%3D100091420.828853274.1601436214.1601436214.1601436214.1%3B%2B__utmz%3D100091420.1601436214.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=573070715&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 03:23:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 myspace_16.png
ws.sharethis.com/images/2017/ 658 B
1016 B 7ms
6ms Image
image/png 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/myspace_16.png
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 20340b54ea09c9d922e1fc489c630d6b350007da4d1c05db13c96e93d3a78931

Request headers

Referer: https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 15:42:24 GMT
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server: nginx/1.16.1
age: 992470
etag: "5f4b0a0d-292"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 658
x-amz-cf-id: ltTP2cgepGhTDQh7_6J-ABt-ujQmxPADsHVbBlvBY7e_ICCW7iydgA==
expires: Sat, 18 Sep 2021 15:42:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=secure.cdunsigned.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=secure.cdunsigned.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame D028 0
0 110ms
109ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&w=468&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214206&bpp=15&bdt=187&idt=89&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3870765975709&frm=20&pv=2&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=576168&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bELgeRFmBQ&p=https%3A//secure.cdunsigned.com&dtd=117

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1131770512284883&output=html&h=15&slotname=3854374124&adk=294903504&adf=1258322385&w=468&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214206&bpp=15&bdt=187&idt=89&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3870765975709&frm=20&pv=2&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=576168&dssz=18&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=822&ady=117&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&xpc=bELgeRFmBQ&p=https%3A//secure.cdunsigned.com&dtd=117
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Sep 2020 03:23:34 GMT
server: cafe
content-length: 5595
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Sep-2020 03:38:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Sep 2020 03:23:34 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601324937789907"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27581
x-xss-protection: 0
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame BD70 0
0 98ms
96ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&w=728&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214229&bpp=2&bdt=210&idt=107&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gt2c1szldx&p=https%3A//secure.cdunsigned.com&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1131770512284883&output=html&h=90&slotname=4431810172&adk=2952773834&adf=4043485071&w=728&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214229&bpp=2&bdt=210&idt=107&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=336&ady=1733&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Gt2c1szldx&p=https%3A//secure.cdunsigned.com&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Sep 2020 03:23:34 GMT
server: cafe
content-length: 200
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Sep-2020 03:38:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Sep 2020 03:23:34 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 68C8 0
0 93ms
93ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&w=120&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214240&bpp=1&bdt=222&idt=120&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q1O48e9UYH&p=https%3A//secure.cdunsigned.com&dtd=123

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1131770512284883&output=html&h=240&slotname=5908543374&adk=992070675&adf=654227663&w=120&lmt=1601436214&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&flash=0&wgl=1&dt=1601436214240&bpp=1&bdt=222&idt=120&shv=r20200924&cbv=r20190131&ptt=5&saldr=sa&abxe=1&prev_slotnames=3854374124%2C4431810172&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=34130600&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1124&ady=1409&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&pvsid=4047699259642629&pem=426&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q1O48e9UYH&p=https%3A//secure.cdunsigned.com&dtd=123
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 30 Sep 2020 03:23:34 GMT
server: cafe
content-length: 199
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 30-Sep-2020 03:38:34 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Sep 2020 03:23:34 GMT
cache-control: private

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
343 B 98ms
24ms XHR
text/plain 18.195.43.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=4b3a56a-174dd0963e4-50dd2183-1&sessionID=1601436214244.15566&hostname=secure.cdunsigned.com&location=%2F&product=widget&fcmp=false&publisher=ceeabfe0-90c8-4c82-94e1-8dc631b37c7f&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&title=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&sop=false&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.43.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-43-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 03:23:34 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://secure.cdunsigned.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 140 KB
49 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 28 Sep 2020 11:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 144706
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50000
x-xss-protection: 0
expires: Tue, 28 Sep 2021 11:11:48 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/ 97 KB
34 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4250d2e93e23de1be0aa5fadca3cd72d3e1f92337f3ce9947e7afe29cdfec0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 14:58:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 02 Aug 2020 22:35:54 GMT
server: sffe
age: 476681
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34307
x-xss-protection: 0
expires: Fri, 24 Sep 2021 14:58:53 GMT

GET
H3-Q050 404 fastbutton
apis.google.com/se/0/_/+1/ Frame 8B94 0
0 42ms
37ms Document
text/html 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DFWCUlBjBFvvUL2w655wpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&count=false&origin=https%3A%2F%2Fsecure.cdunsigned.com&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=J5ZUPogeNbqdnVWtSXnDMEOiQYjPk646tYllMTNAeMZDZjwivmjnCsEnp4-wPaISkjRvFqKBT8YtwYQ35SGv1C2vybodk9xSYAIY7PQHHSLyepAYYaKRzkr-SKPpwF33w-pIQB0RlRfjNthlQOZq6TpHWSHrZ9jwawII1YEJxOw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 404
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Sep 2020 03:23:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-DFWCUlBjBFvvUL2w655wpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content pview
l.sharethis.com/ 0
315 B 23ms
23ms Image
text/plain 18.195.43.194
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=4b3a56a-174dd0963e4-50dd2183-1&sessionID=1601436214244.15566&hostname=secure.cdunsigned.com&location=%2F&product=widget&fcmp=false&publisher=ceeabfe0-90c8-4c82-94e1-8dc631b37c7f&bsamesite=true&consentDomain=.consensu.org&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&title=CD%20Unsigned%20%3A%20New%20music!%20Unsigned%20bands!%20New%20CDs!%20You%20heard%20it%20here%20first!&sop=false&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.&description=The%20biggest%20British%20online%20CD%20store%20for%20unsigned%20bands!%20New%20and%20emerging%20music!%20Discover%20CDs%20by%20the%20hottest%20unsigned%20bands%2C%20released%20by%20the%20bands%20themselves.%20Listen%20to%20tracks%20from%20their%20CDs%20online.%20Sell%20your%20CD%20online.&img_pview=true
Requested by: Host: secure.cdunsigned.com
URL: https://secure.cdunsigned.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.43.194 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-43-194.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 30 Sep 2020 03:23:34 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 postmessageRelay
accounts.google.com/o/oauth2/ Frame 1DC7 0
0 91ms
72ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MxWo06+/TIs2Y2j5CfinSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fsecure.cdunsigned.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.hc3rLxj9u8o.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMtAagp6kGxB19Nep_bTJunj37kww%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=204=J5ZUPogeNbqdnVWtSXnDMEOiQYjPk646tYllMTNAeMZDZjwivmjnCsEnp4-wPaISkjRvFqKBT8YtwYQ35SGv1C2vybodk9xSYAIY7PQHHSLyepAYYaKRzkr-SKPpwF33w-pIQB0RlRfjNthlQOZq6TpHWSHrZ9jwawII1YEJxOw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 30 Sep 2020 03:23:34 GMT
content-security-policy: script-src 'report-sample' 'nonce-MxWo06+/TIs2Y2j5CfinSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 128 KB
44 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45183
x-xss-protection: 0
server: cafe
etag: 17680645947560749777
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200924&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a64d53e066cdca21147e9277e2796589b5c09fcefff93931121b31a1a98cac2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6231
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 70C2 0
0 16ms
15ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1601436214&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601436214812&bpp=1&bdt=793&idt=2&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=2181614248&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H8T_-MV6vOgl16qERiYHuB7crAxyhfk69V7T6RoHspKFmqiVzOjSQ&pvsid=4047699259642629&pem=426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1131770512284883&output=html&adk=1812271804&adf=3025194257&lmt=1601436214&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsecure.cdunsigned.com%2F&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1601436214812&bpp=1&bdt=793&idt=2&shv=r20200924&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=3854374124%2C4431810172%2C5908543374&nras=1&correlator=3870765975709&frm=20&pv=1&ga_vid=828853274.1601436214&ga_sid=1601436214&ga_hid=645314041&ga_fc=1&iag=0&icsg=2181614248&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=3&psts=AGkb-H8T_-MV6vOgl16qERiYHuB7crAxyhfk69V7T6RoHspKFmqiVzOjSQ&pvsid=4047699259642629&pem=426&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 30 Sep 2020 03:23:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlfoNRm5UfqWBNR_HmXHiyuGDqFND3G7a0NFO-T8fnS_lFymqpkqMCcQ6QU; expires=Mon, 25-Oct-2021 03:23:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Sep 2020 03:23:34 GMT
cache-control: private

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
21ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200924/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 30 Sep 2020 03:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Wed, 30 Sep 2020 03:23:34 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 1796 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Tue, 29 Sep 2020 20:41:33 GMT
expires: Wed, 29 Sep 2021 20:41:33 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 24121
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
85 B 16ms
15ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20200924&jk=4047699259642629&bg=!i4iliJBYknonGl_YSNgCAAAATFIAAAAMCgIawKelH6qoy-Mmxtf5S3ZkXEv4_CKT3HBKE-6pNMnJhlVNuAdzUZ8au0f5So1y1bPmSJsVbooO4SaUidyT8Yfuv1XtEpvyW-ae32NGFb7YAltYuzZ-LJhk0rN4VDAAcNYVubpdvEsZnTNGqpC9Lra8tO0lG11BSYzf1CtZLNrJFsOGGQBcDnzZIy16F7aayo_MLQog0aImdM9qqRdiu6x5Fn6XvZk9y_VdhkIT_HkL1fYk6Ln-kORmiFrAHuVlYE-FTAECNdDNJ-LtAiQhlnYIpAXDuz8mEXE1MR4H2chE8oFHODOXCO4UKFl-0QSiwFlh8DNmbPfYN8ueYO-fd0Db8UcU9EvJpTXN-SJpifXF9SFbcGPNya6qVBs5Gfyt9ZJ0Edz3T8ej9KDAYym7OGdPuWjNJNGAnEBMNPRKMksNnwQMsXRoMdsHybTBzYX0DjQCgNDmZQDlCOFsL0_KBiRTnF34UsIX-BaMSrpOrykG9S2t1S1dffzt48g2INGh0YHsTZLeZl4xIH6LAjGkzs99lszlunkxvp5ns-4_ohJClPtjbvPXvQ0vZj7TCTnbdaB1K3lPESrUGQLnTNNA_fbiRyJMWfDrzjTkNHSHm7i0CELRFAhb-JwckqMq4I2rJ76M5XV-VIlJcBEsJfJ6Oo5m9LyhtStJ7PR6CcSCopjnWqfOY8mFvhj1tIBfsG4mPzZTYDaFuaIhS0naV5kBrpupJEXBvLDeGwnWOMcCkcPL2IkHg7_iNct3-RIr-QF_iYxNhJtZ4svvtsPr0N5NnTotx7U3Wdge1NivnPFOfRwEt6ADORT3uqfntqdTuqk6my8EhUG9QRYtebfsA15sJQhu7ReWMWsV1kzyMBunEhUuOxYUE5oMLCRRNYuntzYfg1rwv3B_RRIFsIWYujnUG3aVL0dKCLQvQtDDSJ3z4Fa9ko00OSjZU9UNpn0daLHvv-1Ltfv9x66D07InVna-jZMKR7Rel45HkFg_MCezGHFlrNSiZlPBoA900IKxnE_wbluFFNNXn4dy9ZXhxfv2BBorLB9sI1FRXax4zrO6joDFUhsZADRHvrhDDPvFCYDTNwx06Nna7mA9CJwfPbpFyZ_DFHZFBcRgFymb67SQ07czqvbWuDsi-zfDqmQHmyvXDySb-DEuJOLdM6oc_qhXRdNY7LVAAGqDoHDBdYmFlEBKv4izRyodAXEReDpa4LqsgEEeGq6NJ3-OuSIeEz0VXfVC5XQ_-tXIrkoj9Blp-Mjjna7eseBTQvPlczm7OLHgQC_RTLH2RmTUgwBcFGQ

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.cdunsigned.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Sep 2020 03:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html
ws.sharethis.com/secure5x/ Frame DE9D 0
0 7ms
6ms Document
text/html 2600:9000:21f3:b000:3:c04e:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b000:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

:method: GET
:authority: ws.sharethis.com
:scheme: https
:path: /secure5x/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.cdunsigned.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.cdunsigned.com/

Response headers

status: 200
content-type: text/html
content-length: 4083
content-encoding: gzip
last-modified: Sun, 30 Aug 2020 02:09:22 GMT
server: nginx/1.16.1
x-robots-tag: noindex, nofollow
date: Tue, 29 Sep 2020 03:46:29 GMT
etag: "5f4b0a52-390f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: K5TMZgHi4jN_KuOs26n0D1wndOPcUhWFIvFRMmqgWm9LNd0ZewXdww==
age: 85026

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 17:14:07	Name: NID Value: 204=J5ZUPogeNbqdnVWtSXnDMEOiQYjPk646tYllMTNAeMZDZjwivmjnCsEnp4-wPaISkjRvFqKBT8YtwYQ35SGv1C2vybodk9xSYAIY7PQHHSLyepAYYaKRzkr-SKPpwF33w-pIQB0RlRfjNthlQOZq6TpHWSHrZ9jwawII1YEJxOw
.doubleclick.net/	1970-01-19 12:50:37	Name: test_cookie Value: CheckForPermission
.secure.cdunsigned.com/	1969-12-31 23:59:59	Name: __utmc Value: 100091420
.secure.cdunsigned.com/	1970-01-19 12:50:38	Name: __utmb Value: 100091420.1.10.1601436214
.cdunsigned.com/	1970-01-19 19:23:24	Name: __unam Value: 4b3a56a-174dd0963e4-50dd2183-2
.secure.cdunsigned.com/	1970-01-19 12:50:36	Name: __utmt Value: 1
.cdunsigned.com/	1970-01-19 13:33:48	Name: __cfduid Value: dd2e02289ee0b1b1ba99a61ed700f9db21601436213
.secure.cdunsigned.com/	1970-01-19 17:13:24	Name: __utmz Value: 100091420.1601436214.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.secure.cdunsigned.com/	1970-01-20 06:21:48	Name: __utma Value: 100091420.828853274.1601436214.1601436214.1601436214.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
c.sharethis.mgr.consensu.org
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
secure.cdunsigned.com
ssl.google-analytics.com
tpc.googlesyndication.com
ws.sharethis.com
www.googletagservices.com
18.195.43.194
2600:9000:2156:e600:c:a9b7:ddc0:93a1
2600:9000:21f3:b000:3:c04e:c780:93a1
2606:4700:3037::681f:463d
2a00:1450:4001:800::2001
2a00:1450:4001:800::200d
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2008
2a00:1450:4001:814::200e
2a00:1450:4001:816::2002
2a00:1450:4001:819::2008
2a00:1450:4001:825::200a
00ebfb3d9229f342c2c07ffcfb491572286ccd4da9adea460a76f2f66865acf7
02d12a7e9f88ce45449a2a4440423d08040d82f64657851548b5acda1645e964
038d8aa9fa1a952aec7c8e38ac0cbb3e460ebbcc2838b36ebea534556ee95f87
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0fc648acf97525822df35fbef5c84bf45c870082f2be7e790b4789c071413241
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1fcb28b6caedb89690a8929fc3ed35df1d6cd28559991dc6eb8c3763878711ac
20340b54ea09c9d922e1fc489c630d6b350007da4d1c05db13c96e93d3a78931
27138ea2fc2f458792e57948d907c28790c819f844bc8478f18ceabfcfeb8cd6
33a282f8dbd6fb2323f2f4d7d292d83da258dcec485a0ea4cc09880dc45fbbe3
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
3f2dcfc1e72824387d9851a2c96a5b20848ac6fb25ab481bbd305c3f2315a7f7
4250d2e93e23de1be0aa5fadca3cd72d3e1f92337f3ce9947e7afe29cdfec0ff
46c234230b7e6926223ed04e6112e1fe85ed6fcb6e1e8585d77bef2be1e83167
4e2b38b4f0180fd5671604c482ae7b38eaa7d3b008099314bd261206045b0413
6364ce957ac0a42c9313de0c28ceb815ed22e36d5f71eb123d6d791eb539dddf
692cc545d8abe00deae378bc460f9f73a7f454a49b49eba5db420e883bd75fd7
6bafc27cf997ceee51c6cf602c1ad80fe72f52e723f09248771b95b7a3a43bda
70979fad625ab9090cde420d3e142628aeede9ec487315594f56492562b27361
80de28f746d0056d4800d1e36a5383d687bd90fa74e9450e2d7dfd47cd68c301
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866113fd529be92a3f46b7f293cffd7dcb9774201814d0f1b54f6b4699a75999
8945dbe7882b2378f00eced866866c9a3d1f1842f9e94cefbd8b450b7c0ec37d
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
95ea6ecff0826b3cf6570d40a2e3ceff6dea46e113f36a8866bb1fa85b4ad47a
99d513ae70dac6c99271d5bf99733a1f70849d0623635d21d547d5294cb18360
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a64d53e066cdca21147e9277e2796589b5c09fcefff93931121b31a1a98cac2b
aabffb648b42883485ff2f5adaa6ce307dd24e522b3bf071965450309ab7441b
aeae37bae2130513ef8b5ea4fde8fd776b32ff8969b848b59399a63d9455e29a
af6c4b21f7b4a51cf290db1dc17ff613cd7db54e14574587bebb6b9cf2a2082d
b1952d458dad1b2a0cc515456b0091e0eef0e3f4f468d3942c039db25bad4724
b3bced731551742c6650ab334aa71a77b940d7f2a20996d1eefc6bba4cebbb59
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c406af0328ee20c44f251a61d22901ee28e68cc2bbe3f1c7ea06072c7d68b266
c7f619c5be91f7b36a157fdedeb8d343f23a838fd2aee4d8f39fae802f90994e
ca079c3a95bfe4df7e1111b2594135611b3baf70e44feb546066e77081ee78f4
cdac2738fbf17f3a957d6cb8a881adef9a06123d11447d9fd2ec2973bc926e16
cf1e3a4f47f40b7876c800629857888c841908c2234b7880ea8544c1e418ac3b
e1110d6224007a5660337e34cb8db539ca7f7d6cbe48c29f705e59ab587ac77c
e1dab5441fc5ea9439d17f4adc60e14e65f0c0597598cff7f56802a44d6ee9a0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e819c3010c37b5f88d7ac407263e148963d654b78111aa7b45f90370fabdb23d
ed3de4f3ca1518e886b165199e2654f0c0cddaecae636240c037b3fd398aa1c7
eec9d7dfdd93ec3dd995676f9434b93a57bacbbb71de3e1695b995d79beb5389
f06dd5f15298c922443c5b8b64531ea4c2f7a84de0f73a84a3cc7a238babd8d2

secure.cdunsigned.com Open in urlscan Pro 2606:4700:3037::681f:463d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

100 %HTTPS

92 %IPv6

10 Domains

14 Subdomains

13 IPs

2 Countries

885 kBTransfer

1808 kBSize

9 Cookies

4 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.cdunsigned.com Open in urlscan Pro
2606:4700:3037::681f:463d Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

14
Subdomains

13
IPs

2
Countries

885 kB
Transfer

1808 kB
Size

9
Cookies

59 HTTP transactions
0 data transactions