fromthemachine.org Open in urlscan Pro
144.202.76.220 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fromthemachine.org/XOXO.html
Submission: On June 22 via api (June 22nd 2021, 1:39:19 am UTC) from US

Summary HTTP 119 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 25 domains to perform 119 HTTP transactions. The main IP is 144.202.76.220, located in Dallas, United States and belongs to AS-CHOOPA, US. The main domain is fromthemachine.org.

This is the only time fromthemachine.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	144.202.76.220 144.202.76.220	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	52.166.11.26 52.166.11.26	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2606:4700:10:... 2606:4700:10::ac43:1687	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
22 44	192.0.72.31 192.0.72.31	2635 (AUTOMATTIC) (AUTOMATTIC)
1 1	184.168.131.241 184.168.131.241	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1 2	3.123.248.34 3.123.248.34	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1 6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.112.193 151.101.112.193	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
20	2606:4700:10:... 2606:4700:10::6816:379f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.9.60.67 52.9.60.67	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
119	30

11 144.202.76.220 (Dallas, United States)

ASN20473 (AS-CHOOPA, US)
PTR: arkho.me

fromthemachine.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.166.11.26 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

addsearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:1687 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hypothes.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.hypothes.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 192.0.72.31 (United States) 22 redirects

ASN2635 (AUTOMATTIC, US)

highenius.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.168.131.241 (United States) 1 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net

slack.reallyhim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.248.34 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-248-34.eu-central-1.compute.amazonaws.com

join.slack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eyerc.slack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:10::6816:379f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hypothes.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hypothes.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.60.67 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-60-67.us-west-1.compute.amazonaws.com

play.rust-lang.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	wordpress.com 22 redirects highenius.files.wordpress.com	2 MB
22	hypothes.is 1 redirects hypothes.is cdn.hypothes.is	278 KB
21	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	337 KB
11	fromthemachine.org fromthemachine.org	497 KB
7	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	26 KB
5	gstatic.com fonts.gstatic.com	74 KB
5	addthis.com 1 redirects s7.addthis.com	220 KB
4	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	googletagservices.com www.googletagservices.com	65 KB
2	google.de adservice.google.de	975 B
2	rust-lang.org play.rust-lang.org	15 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	slack.com 1 redirects join.slack.com eyerc.slack.com	420 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	61 KB
1	sentry.io sentry.io	401 B
1	googleadservices.com partner.googleadservices.com	663 B
1	addthisedge.com v1.addthisedge.com	2 KB
1	moatads.com z.moatads.com	1 KB
1	imgur.com i.imgur.com	12 KB
1	reallyhim.com 1 redirects slack.reallyhim.com	282 B
1	addsearch.com addsearch.com	1004 B
1	jquery.com code.jquery.com	29 KB
1	jsdelivr.net cdn.jsdelivr.net	3 KB
119	25

	Domain	Requested by
44	highenius.files.wordpress.com	22 redirects fromthemachine.org
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	cdn.hypothes.is	fromthemachine.org hypothes.is cdn.hypothes.is
11	hypothes.is	1 redirects cdn.hypothes.is
11	fromthemachine.org	fromthemachine.org
10	pagead2.googlesyndication.com	fromthemachine.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	s7.addthis.com	1 redirects fromthemachine.org s7.addthis.com
3	fonts.googleapis.com	fromthemachine.org tpc.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	play.rust-lang.org	code.jquery.com
2	www.google-analytics.com	fromthemachine.org www.google-analytics.com
2	platform.twitter.com	fromthemachine.org platform.twitter.com
2	maxcdn.bootstrapcdn.com	fromthemachine.org maxcdn.bootstrapcdn.com
1	sentry.io	cdn.hypothes.is
1	stats.g.doubleclick.net	www.google-analytics.com
1	syndication.twitter.com	platform.twitter.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	i.imgur.com	fromthemachine.org
1	eyerc.slack.com	fromthemachine.org
1	join.slack.com	1 redirects
1	slack.reallyhim.com	1 redirects
1	addsearch.com	fromthemachine.org
1	code.jquery.com	fromthemachine.org
1	cdn.jsdelivr.net	fromthemachine.org
119	31

This site contains links to these domains. Also see Links.

Domain
tithehe.lamc.la
accounts.google.com
eyerc.slack.com
en.wikipedia.org
twitter.com
www.instagram.com
www.prlog.org
www.youtube.com
www.linkedin.com
sendvid.com
www.gnu.org
rinkeby.aragon.org
www.facebook.com
flowcrypt.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.addsearch.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-08-05` - `2021-09-03`	a year	crt.sh
hypothes.is Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2020-12-21` - `2022-01-21`	a year	crt.sh
slack.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-13` - `2022-04-18`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.imgur.com DigiCert SHA2 Secure Server CA	`2020-01-15` - `2022-03-16`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
play.rust-lang.org R3	`2021-06-09` - `2021-09-07`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://fromthemachine.org/XOXO.html
Frame ID: F6F89F97F58AD910166C8D9102217C04
Requests: 76 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffromthemachine.org
Frame ID: 8D4341E71774F1638D10E7ED5CDB2A22
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372
Frame ID: 8D9B8C9E38B182175E63342500E5D9CC
Requests: 7 HTTP requests in this frame

Frame: https://hypothes.is/app.html
Frame ID: 76BCA89EA97C27935B8CBC5917107069
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html
Frame ID: EBAA4B7F5B6D6B0150BD1A8D34D81E68
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 82DA8B33281967EB68B32ADFCC549775
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html
Frame ID: 4E8379EE4F847B6E0D0BE5C7BF3123BE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&adk=1812271804&adf=3025194257&lmt=1614001644&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&ea=0&flash=0&pra=7&wgl=1&dt=1624325927493&bpp=3&bdt=1547&idt=3&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De6b9dba7e22c0a74-2273dbde14c90032%3AT%3D1624325926%3ART%3D1624325926%3AS%3DALNI_MYLcvU_lLboJU9CCYpGh6_QnMMXoA&prev_slotnames=4355365452&nras=1&correlator=8490097124984&frm=20&pv=1&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&psts=AGkb-H80Iz41RhN_2gVqtBcq617w3UdUOKkxjpAV0dKsplPuIdOS5_qmCFcv2skLK35huYgYz-lpG4ESE-E&pvsid=410151480498104&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=50
Frame ID: E7EECC14DE77C79E3733FF6A33447FA5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 1CC9B6FFB63022386EA8F5AA46CB1C87
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B612C06BCF77CC21BC6AF75654C83C00
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

119
Requests

87 %
HTTPS

61 %
IPv6

25
Domains

31
Subdomains

30
IPs

4
Countries

3893 kB
Transfer

6608 kB
Size

9
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: http://tithehe.lamc.la/
Title: itable dona

Search URL Search Domain Scan URL

URL: http://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=http://mail.google.com/mail/?ui%3D2%26ik%3D9767b07e66%26view%3Dfimg%26th%3D162280a899f70e51%26attid%3D0.12%26disp%3Demb%26realattid%3Dii_jeq6zkyz31_16221599c834d094%26attbid%3DANGjdJ_zDQhw-mRL3yzmNc-hErUNqpEsTQkr6B_NrEIv9h-JWGbnmSRuVRq3FT2BZrlEx819EAaOIkFXV370A0xFYiNvNZCZi_YLUJS_dM48izMBEBDT5n2dgRlI-xc%26sz%3Dw376-h296%26ats%3D1521090210085%26rm%3D162280a899f70e51%26zw%26atsh%3D1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1

Search URL Search Domain Scan URL

URL: http://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Special:Contributions/Damonthesis
Title: you are a slave--if you aren't careful

Search URL Search Domain Scan URL

URL: http://twitter.com/TaylorMomsen
Title: yetserday's musical selection

Search URL Search Domain Scan URL

URL: http://www.instagram.com/p/BgNUSFdFo1w/?taken-by=yitsheyzeus

Search URL Search Domain Scan URL

URL: http://www.instagram.com/p/BgNXUk9lPci/?taken-by=yitsheyzeus

Search URL Search Domain Scan URL

URL: http://www.instagram.com/p/BgNUupGlIKQ/?taken-by=yitsheyzeus

Search URL Search Domain Scan URL

URL: http://www.prlog.org/12652687-the-new-american-standard-for-da-qs.html

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=LOZuxwVk7TU

Search URL Search Domain Scan URL

URL: http://www.youtube.com/playlist?list=PLgYKDBgxsoMMzfaYwNB9CK4E3Hure3h1G
Title: Five to One" to a ballroom

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pulse/i-found-afikomen-its-easter-egg-island-eden-s0nrise-dobrin
Title: from

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=xfxuydhuQfE
Title: Enver

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=Uwzg7SYZKF0&list=PLgYKDBgxsoMPrnVh3DiutJ2bZNwk6N_14
Title: to dance with her

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=KyRKh5Czbmo
Title: door knocking

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=tXc4jgUJEko
Title: on Gossip Girl

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=Sws3MZJIv9c&list=PLgYKDBgxsoMM0iittdDlREVqTc4wn7ylK
Title: Little Cindy-Adam in Dr. Zeus's Adamvillish story

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=C-u5WLJ9Yk4
Title: my loneliness is killing me

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=E_jowRui9QM
Title: Lonely

Search URL Search Domain Scan URL

URL: http://www.youtube.com/watch?v=AJWtLf4-WWs
Title: Stronger than Yesterday

Search URL Search Domain Scan URL

URL: http://sendvid.com/v7w7lt2j
Title: "unsung" story

Search URL Search Domain Scan URL

URL: https://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ

Search URL Search Domain Scan URL

URL: https://www.gnu.org/licenses/old-licenses/gpl-2.0.en.html
Title: the GNU GPL v2.0 license

Search URL Search Domain Scan URL

URL: https://rinkeby.aragon.org/#/gibraltar
Title: iving Ethereum contrac

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=0ANXgrd3f28&CL&DO&CBIG1adl
Title: aster/Paglen (and honorably PK]

Search URL Search Domain Scan URL

URL: http://www.facebook.com/admdbrn
Title: get me on facebook

Search URL Search Domain Scan URL

URL: https://flowcrypt.com/me/adam5
Title: via FlowCrypt

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://hypothes.is/embed.js HTTP 302
https://cdn.hypothes.is/hypothesis

Request Chain 13

http://highenius.files.wordpress.com/2018/03/image30.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image30.png

Request Chain 14

http://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png HTTP 301
https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png

Request Chain 15

http://slack.reallyhim.com/ HTTP 301
http://join.slack.com/t/eyerc/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ HTTP 307
https://join.slack.com/t/eyerc/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ HTTP 302
https://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ

Request Chain 16

http://highenius.files.wordpress.com/2018/03/image56.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image56.png

Request Chain 17

http://highenius.files.wordpress.com/2018/03/image55.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image55.png

Request Chain 18

http://highenius.files.wordpress.com/2018/03/image49.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image49.png

Request Chain 19

http://highenius.files.wordpress.com/2018/03/image46.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image46.png

Request Chain 20

http://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png HTTP 301
https://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png

Request Chain 21

http://highenius.files.wordpress.com/2018/03/billboard2.png HTTP 301
https://highenius.files.wordpress.com/2018/03/billboard2.png

Request Chain 22

http://highenius.files.wordpress.com/2018/03/image63.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image63.png

Request Chain 23

http://highenius.files.wordpress.com/2018/03/image54.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image54.png

Request Chain 24

http://highenius.files.wordpress.com/2018/03/image61.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image61.png

Request Chain 25

http://highenius.files.wordpress.com/2018/03/image48.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image48.png

Request Chain 26

http://highenius.files.wordpress.com/2018/03/image57.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image57.png

Request Chain 27

http://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png HTTP 301
https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png

Request Chain 28

http://highenius.files.wordpress.com/2018/03/image47.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image47.png

Request Chain 29

http://highenius.files.wordpress.com/2018/03/image52.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image52.png

Request Chain 30

http://highenius.files.wordpress.com/2018/03/image64.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image64.png

Request Chain 31

http://highenius.files.wordpress.com/2018/03/image62.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image62.png

Request Chain 32

http://highenius.files.wordpress.com/2018/03/image59.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image59.png

Request Chain 33

http://highenius.files.wordpress.com/2018/03/image60.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image60.png

Request Chain 34

http://highenius.files.wordpress.com/2018/03/image53.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image53.png

Request Chain 35

http://highenius.files.wordpress.com/2018/03/image51.png HTTP 301
https://highenius.files.wordpress.com/2018/03/image51.png

Request Chain 40

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 51

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 93

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request XOXO.html Show response
fromthemachine.org/ 85 KB
40 KB 312ms
284ms Document
text/html 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e31df2644a9070cc082f2a77dbcc355f11598e82e718f7634fc7d17cfa05fc17

Request headers

Host: fromthemachine.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:45 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Mon, 22 Feb 2021 13:47:24 GMT
ETag: "152e6-5bbed0aacf6dd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 40503
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK book.css
fromthemachine.org/ 18 KB
4 KB 303ms
277ms Stylesheet
text/css 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/book.css
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f03119a0b9bdfaf4b69b410a40c5cce3f1a884838053897428cd23ea50d2b34d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "490e-5a7aae73ecc1c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3535

GET
H2 200 css
fonts.googleapis.com/ 20 KB
1 KB 22ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 00:06:55 GMT
server: ESF
date: Tue, 22 Jun 2021 01:38:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 01:38:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
623 B 23ms
19ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Code+Pro:500

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

670f823a01b0f3f4963471587ffb791302304ec4d46fa535a71626959dee19ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 01:38:45 GMT
server: ESF
date: Tue, 22 Jun 2021 01:38:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 01:38:45 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
5 KB 23ms
20ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 312614
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c44200002c42c4316000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: fca770a2f4ef789c405948d5b39aa10f
cf-ray: 6631c24d3c9a2c42-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H/1.1 200
OK highlight.css
fromthemachine.org/ 1 KB
847 B 304ms
278ms Stylesheet
text/css 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/highlight.css
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 61435026e22c7901be6c8ceadf471f2051d380872e8c505c2f12f4ef5f0ca8ff

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "444-5a7aae73ecc1c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 511

GET
H/1.1 200
OK tomorrow-night.css
fromthemachine.org/ 2 KB
999 B 311ms
286ms Stylesheet
text/css 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/tomorrow-night.css
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c50d01aea634fb78b058fa95bfa93e8338a5595a6e1cf9c34822f82a0176e418

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6e1-5a7aae73ecc1c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 663

GET
H/1.1 200
OK ayu-highlight.css
fromthemachine.org/ 871 B
755 B 311ms
287ms Stylesheet
text/css 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/ayu-highlight.css
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 0f5744347d66081ac6eabb1d10e4971004ff15fc76bd8116b09ae436bc3920c6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:09 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "367-5a7aae73ebc7c-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 419

GET
H2 200 clipboard.min.js Show response
cdn.jsdelivr.net/clipboard.js/1.6.1/ 10 KB
3 KB 23ms
19ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/clipboard.js/1.6.1/clipboard.min.js

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5170762
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c4440000d70d9626a000000001
x-served-by: cache-fra19138-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2967-1MI/On4vGFhepp5ianf6x4LqbyM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6631c24d3d0ed70d-FRA

GET
H2 200 jquery-2.1.4.min.js Show response
code.jquery.com/ 82 KB
29 KB 12ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.4.min.js
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:45 GMT
content-encoding: gzip
last-modified: Tue, 28 Apr 2015 16:17:08 GMT
server: nginx
etag: W/"553fb284-14979"
vary: Accept-Encoding
x-hw: 1624325925.dop216.fr8.t,1624325925.cds279.fr8.hc,1624325925.cds244.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29519

GET
H/1.1 200
OK store.js Show response
fromthemachine.org/ 17 KB
6 KB 304ms
280ms Script
application/javascript 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/store.js
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 54564950af03fb1e8ca33b33c84dcc3889553a65f4c8b2cc64c6dbd9f0b7423c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:15 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4490-5a7aae7a06481-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 5747

GET
H/1.1 200
OK / Show response
addsearch.com/js/ 1 KB
1004 B 137ms
42ms Script
application/javascript 52.166.11.26
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://addsearch.com/js/?key=1665711c9123bf7488b1b5127916aeff

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.166.11.26 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

1971d847918a3c14e2963d68bf846e1152553b57cc66cffd33d9ad40cf5d237e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Length: 723

GET
H2

200

hypothesis Show response
cdn.hypothes.is/
Redirect Chain

https://hypothes.is/embed.js
https://cdn.hypothes.is/hypothesis

8 KB
3 KB

21ms
16ms

Script
application/javascript

2606:4700:10::ac43:1687
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1687 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab6ce3117f8d69f748869c6bea9f10a78d8666f7c60dd9709d00ccc38426efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1755
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MNFMQGEFTHW08T4A
x-amz-id-2: VLtKzTCF+y1Y1L2d0LHwJdOQ4Qqdr2y6yfVeLnC40NjvOZE+j12DHF14tNPNzCcTYfOaYRstebM=
last-modified: Mon, 21 Jun 2021 13:57:48 GMT
server: cloudflare
etag: W/"2caadf4a6132bfa784730fd08519405f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800, must-revalidate
cf-request-id: 0ad2f7c5fb00004a5572157000000001
cf-ray: 6631c24ffbdb4a55-FRA

Redirect headers

date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 115
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 202
cf-request-id: 0ad2f7c5bd00004a5572151000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://cdn.hypothes.is/hypothesis
x-xss-protection: 1; mode=block
cache-control: public, max-age=14400
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c24f9b5b4a55-FRA
expires: Tue, 22 Jun 2021 01:41:51 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
33 KB 29ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

80a1319a8d1ffffe9c9f805f8db621b0e3470d4d72225e76ecc170018d71fbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 22 Jun 2021 01:38:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 11690081906860311690
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 33427
X-XSS-Protection: 0
Expires: Tue, 22 Jun 2021 01:38:45 GMT

GET
H2

200

image30.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image30.png
https://highenius.files.wordpress.com/2018/03/image30.png

5 KB
5 KB

100ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image30.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

21ba124382674241bb79561abedb2bf32eb6eb6fa2b27685e46a9de6d6914f8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:13:00 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 5088
expires: Mon, 26 Jul 2021 08:22:14 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image30.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

screenshot-2018-03-13-at-10-40-19-am1.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png
https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png

124 KB
124 KB

100ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cbccfa590695598c53fb4450abf824b7281fa60464ccf9a9b383d1d8ba375979

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:13:01 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 126544
expires: Mon, 05 Jul 2021 19:02:14 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-10-40-19-am1.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ
eyerc.slack.com/join/shared_invite/
Redirect Chain

http://slack.reallyhim.com/
http://join.slack.com/t/eyerc/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ
https://join.slack.com/t/eyerc/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ
https://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ

0
0

324ms
315ms

Image
text/html

3.123.248.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.123.248.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-248-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 22 Jun 2021 01:38:46 GMT
via: envoy-www-iad-f3xn
server: Apache
x-backend: main_normal main_canary_with_overflow main_control_with_overflow
x-via: envoy-www-iad-f3xn, haproxy-edge-fra-xej3
location: https://eyerc.slack.com/join/shared_invite/MjM2NDM2Mjc3Nzk4LTE1MDQ0MDE3NzQtMmU5NjI1N2VmOQ
x-server: slack-www-hhvm-main-iad-t786
x-envoy-upstream-service-time: 4
x-slack-shared-secret-outcome: shared-secret
content-type: text/html
content-length: 0

GET
H2

200

image56.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image56.png
https://highenius.files.wordpress.com/2018/03/image56.png

96 KB
96 KB

102ms
34ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image56.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f59cb37dcc75abac01f34cf0cdfa362737983042379f6c928a4ed03b29b6cdbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 98525
expires: Sun, 11 Jul 2021 20:41:49 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image56.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image55.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image55.png
https://highenius.files.wordpress.com/2018/03/image55.png

144 KB
144 KB

100ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image55.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a5b8c58d796999d01c3443c5d6a46f8cd5a887ba4e2c10dfe7387c8fe98a2259

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 146969
expires: Wed, 07 Jul 2021 21:13:25 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image55.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image49.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image49.png
https://highenius.files.wordpress.com/2018/03/image49.png

165 KB
165 KB

67ms
67ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image49.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d847fd1b5a9d29570c4a4c56f42c4a139edee0d7bb09ec553b9de13657ab7c18

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:55 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 168584
expires: Tue, 20 Jul 2021 18:58:07 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image49.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image46.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image46.png
https://highenius.files.wordpress.com/2018/03/image46.png

141 KB
142 KB

52ms
51ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image46.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2faae2be68bdb84fa668d99755942a234bef3b8e3120ce4145f5bc63bca71a22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:55 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 144715
expires: Sat, 24 Jul 2021 03:56:14 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image46.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

wessenmadewarning2.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png
https://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png

78 KB
78 KB

42ms
42ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3f1acbd1edc467983f4ef78212ab6d998289cb068cfabe083735421976b65ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:58 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 79558
expires: Sun, 18 Jul 2021 11:49:12 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/wessenmadewarning2.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

billboard2.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/billboard2.png
https://highenius.files.wordpress.com/2018/03/billboard2.png

16 KB
16 KB

33ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/billboard2.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1936d2bb74b8bae24a900ca8c94263758374e6be4474529ec23286de88f3cfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 16691
expires: Thu, 08 Jul 2021 00:37:54 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/billboard2.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image63.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image63.png
https://highenius.files.wordpress.com/2018/03/image63.png

216 KB
216 KB

33ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image63.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

68411ef0dad03039d342a20bf9954df7655cb2da9b9abf2690f8132f86388958

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:58 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 221136
expires: Tue, 13 Jul 2021 17:02:26 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image63.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image54.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image54.png
https://highenius.files.wordpress.com/2018/03/image54.png

9 KB
9 KB

33ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image54.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5b1185806a2cc9607b3e65113c322d54eb21033d942a822d07e61c904290e967

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 9605
expires: Sun, 25 Jul 2021 05:35:56 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image54.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image61.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image61.png
https://highenius.files.wordpress.com/2018/03/image61.png

91 KB
91 KB

37ms
36ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image61.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0e1994f140b8ac2ae15ea4f47cb2849cb92d2217e2ba1185c859bcddbf2fb01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:57 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 92882
expires: Sun, 11 Jul 2021 01:48:38 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image61.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image48.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image48.png
https://highenius.files.wordpress.com/2018/03/image48.png

119 KB
120 KB

34ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image48.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a968e1e608346680b060a6d1f549137207165f63e8d5c6ae9259a153daa3a423

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:55 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 122269
expires: Thu, 22 Jul 2021 11:24:35 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image48.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image57.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image57.png
https://highenius.files.wordpress.com/2018/03/image57.png

51 KB
51 KB

34ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image57.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4829d575d0a3d289850f711a4bda115f59a4c8edcbad721ced117b5ffe5923cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:57 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 51889
expires: Thu, 15 Jul 2021 17:59:25 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image57.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

screenshot-2018-03-13-at-12-43-17-pm2.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png
https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png

91 KB
91 KB

34ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dffaa2a776934274701cbdb0578220001d54e671189ccef40fee0addb6348806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:58 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 92844
expires: Tue, 13 Jul 2021 04:14:46 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/screenshot-2018-03-13-at-12-43-17-pm2.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image47.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image47.png
https://highenius.files.wordpress.com/2018/03/image47.png

74 KB
74 KB

34ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image47.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2c651ff0621106c5346f5ddafc64bc215b52f60dd06154175560daa67817c57d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:55 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 75584
expires: Fri, 23 Jul 2021 02:37:57 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image47.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image52.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image52.png
https://highenius.files.wordpress.com/2018/03/image52.png

98 KB
98 KB

34ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image52.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a762c312f492a6ba680a134c2e76fa1596f6a794ae3218d4a565a211a5b35ff9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 100408
expires: Mon, 19 Jul 2021 08:56:27 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image52.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image64.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image64.png
https://highenius.files.wordpress.com/2018/03/image64.png

235 KB
236 KB

34ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image64.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bd7149aa4950e91e82890745065757adbc2edd178ba8efce12db79674d040041

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:58 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 240879
expires: Thu, 15 Jul 2021 16:21:07 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image64.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image62.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image62.png
https://highenius.files.wordpress.com/2018/03/image62.png

93 KB
93 KB

34ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image62.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5efef8c94e6b688ce0ab6ab21c40b50b49b6f7b149e593a285d7f44064fb548e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:57 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 95117
expires: Sun, 18 Jul 2021 14:16:37 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image62.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image59.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image59.png
https://highenius.files.wordpress.com/2018/03/image59.png

20 KB
20 KB

44ms
44ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image59.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ed74252c8fc00f1fe979bce016a6d22caa67def67abcac039993c46fe8e5e1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:57 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 20149
expires: Tue, 20 Jul 2021 15:37:54 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image59.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image60.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image60.png
https://highenius.files.wordpress.com/2018/03/image60.png

182 KB
182 KB

33ms
33ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image60.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fcd80e70d20feff525124055bd9b02a406758e9b0ce913930d1659e7644f7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:57 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 186302
expires: Tue, 06 Jul 2021 05:23:44 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image60.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image53.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image53.png
https://highenius.files.wordpress.com/2018/03/image53.png

33 KB
33 KB

32ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image53.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a26e80434d81a445db6cb57837b6f503f61dabfda56af3ba0d8e1430d5eb77a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 34150
expires: Wed, 21 Jul 2021 05:05:50 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image53.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H2

200

image51.png
highenius.files.wordpress.com/2018/03/
Redirect Chain

http://highenius.files.wordpress.com/2018/03/image51.png
https://highenius.files.wordpress.com/2018/03/image51.png

32 KB
32 KB

32ms
32ms

Image
image/png

192.0.72.31
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highenius.files.wordpress.com/2018/03/image51.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.72.31 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bfdea8a45b51df3c3e469787c0a8962c84063788aaaea185b481d47258cb4fc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 31 np
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Mar 2018 05:21:56 GMT
server: nginx
accept-ranges: bytes
vary: Origin
content-type: image/png
access-control-allow-origin: https://highenius.wordpress.com
x-orig-src: 01_mogdir
access-control-allow-credentials: true
content-length: 32903
expires: Sat, 17 Jul 2021 14:08:48 GMT

Redirect headers

Location: https://highenius.files.wordpress.com/2018/03/image51.png
Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 162
Content-Type: text/html

GET
H/1.1 200
OK i6WpHqi.png
fromthemachine.org/i.imgur.com/ 130 KB
130 KB 161ms
160ms Image
image/png 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fromthemachine.org/i.imgur.com/i6WpHqi.png
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3cbd8900f8306e079ec022b606ce7f4415076a15d1597c7efd87f06f2dacf3ed

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Last-Modified: Mon, 22 Feb 2021 07:41:56 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "2084d-5bbe7efaa6a63"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 133197

GET
H/1.1 200
OK K0p3gWr.png
fromthemachine.org/i.imgur.com/ 152 KB
152 KB 153ms
152ms Image
image/png 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fromthemachine.org/i.imgur.com/K0p3gWr.png
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f4dc34ff1ebeb1f786c4a6fd3f1dc373519c0423f40afe2968589a7e123b20ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Last-Modified: Mon, 22 Feb 2021 07:41:56 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "25f51-5bbe7efaa7a03"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 155473

GET
H/1.1 200
OK YNON9WH.png
fromthemachine.org/i.imgur.com/ 127 KB
127 KB 152ms
152ms Image
image/png 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fromthemachine.org/i.imgur.com/YNON9WH.png
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: abcb11f0de8e958fadc5fccad999ae2fec12f061480a4a76fa0309cbee82b61c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Last-Modified: Mon, 22 Feb 2021 07:41:56 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1fcca-5bbe7efaa7a03"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 130250

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 6ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/67C2)
Age: 392
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

97ms
33ms

Script
application/javascript

104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Tue, 22 Jun 2021 01:38:46 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H2 200 F8nmg2T.png
i.imgur.com/ 12 KB
12 KB 103ms
32ms Image
image/png 151.101.112.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/F8nmg2T.png

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b6948fda2f652f44b46f97dda38829b55c66f2b235fd29618ed7c1343cfb184d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
age: 1093729
x-cache: HIT, HIT
content-length: 12111
x-served-by: cache-bwi5159-BWI, cache-hhn4025-HHN
last-modified: Sun, 24 Dec 2017 20:52:32 GMT
server: cat factory 1.0
x-timer: S1624325927.629153,VS0,VE1
etag: "eafff5cf8dc32c0b56a67a0a9ddfa3f2"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK highlight.js Show response
fromthemachine.org/ 76 KB
31 KB 159ms
158ms Script
application/javascript 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/highlight.js
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f2bea9a2c2225104635af594b0eb20e9d57b975ca1f86753fccb03dcbf36566f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:15 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1316b-5a7aae7a054e1-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 31349

GET
H/1.1 200
OK book.js Show response
fromthemachine.org/ 13 KB
4 KB 163ms
156ms Script
application/javascript 144.202.76.220
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: http://fromthemachine.org/book.js
Requested by: Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html
Protocol: HTTP/1.1
Server: 144.202.76.220 Dallas, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: arkho.me
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fcd170649883f49651924a2af395995f1c37dd854b0a4a4ed22318f44f2114fa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: fromthemachine.org
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://fromthemachine.org/XOXO.html
Connection: keep-alive
Cache-Control: no-cache
Referer: http://fromthemachine.org/XOXO.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 22 Jun 2021 01:38:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jun 2020 18:29:15 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "322d-5a7aae7a04541-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3583

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fromthemachine.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 05:33:17 GMT
x-content-type-options: nosniff
age: 245129
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 05:33:17 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fromthemachine.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 17:35:44 GMT
x-content-type-options: nosniff
age: 201782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 17:35:44 GMT

GET
H3-29 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 15ms
13ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: http://fromthemachine.org
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617, 617, 617
age: 398563
cdn-cachedat: 2021-06-08 21:22:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 56780
cf-request-id: 0ad2f7c5a300005363848a8000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9f3a4b53c1aab56d0961686b94335f8a
accept-ranges: bytes
cf-ray: 6631c24f6d325363-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/ 233 KB
87 KB 52ms
29ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9608809622006883&plah=fromthemachine.org&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88106
x-xss-protection: 0
server: cafe
etag: 14514754445097133811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 01:38:46 GMT

GET
H3-29 200 mem6YaGs126MiZpBA-UFUK0Zdc0.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem6YaGs126MiZpBA-UFUK0Zdc0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fromthemachine.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 20:36:54 GMT
x-content-type-options: nosniff
age: 190912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:17 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 20:36:54 GMT

GET
H3-29 200 memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2
fonts.gstatic.com/s/opensans/v20/ 13 KB
13 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/memnYaGs126MiZpBA-UFUKWiUNhrIqM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://fromthemachine.org
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 06:17:58 GMT
x-content-type-options: nosniff
age: 242448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13792
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:22:06 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 06:17:58 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 143ms
47ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=44598
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

48 KB
19 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2409
date: Tue, 22 Jun 2021 00:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 22 Jun 2021 02:58:37 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H3-29 200 annotator.bundle.js Show response
cdn.hypothes.is/hypothesis/1.807.0/build/scripts/ 149 KB
41 KB 35ms
22ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/annotator.bundle.js?1a3bfc

Requested by

Host: hypothes.is
URL: https://hypothes.is/embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9463526658255e613334f325ee3a9050081e58958e436deaa47a587142d1c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41479
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MNFM9ZA09J5CTG3K
x-amz-id-2: TpIDER4Iin1/0O9pHIl/iyRvOVIbvBIimiSsTE2juZA+kcZ/p0WvDAmCT1k9UcPUOHPgQe3AUIY=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"8ec335e720ad1fe6ab73bc966995942c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c6d40000248868b8c000000001
cf-ray: 6631c2515a482488-FRA

GET
H3-29 200 annotator.css
cdn.hypothes.is/hypothesis/1.807.0/build/styles/ 30 KB
5 KB 30ms
17ms Stylesheet
text/css 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/styles/annotator.css?e48263

Requested by

Host: hypothes.is
URL: https://hypothes.is/embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23c56c92dfcb49180cd6f508ea5f035e15644630d199966864084aecc79be53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41479
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MNFJ0614HNFREBMD
x-amz-id-2: bmWbeD3xgUg0eY6w3Oh6i0HUzEAK39+ygzljY5cVoWgou8sHI1M8ILTNlUeJjX7o2s6T6yFgdzg=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"595348cdc2d1aed26873f85a958a0551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c6d500002488b8958000000001
cf-ray: 6631c2515a492488-FRA

GET
H3-29 200 pdfjs-overrides.css
cdn.hypothes.is/hypothesis/1.807.0/build/styles/ 576 B
723 B 40ms
28ms Stylesheet
text/css 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/styles/pdfjs-overrides.css?e2e01b

Requested by

Host: hypothes.is
URL: https://hypothes.is/embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7879d78037d434e71ea57d8f5f383047c780f829d4ec21fcb92577d04042fb5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41478
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MNFGE606BDTKJVDP
x-amz-id-2: uls4t+9ES1ABA+ZXh16nVs3w/oPbc64DiaWpADPwCznxhlYmBlfZBpU12w+QkuhbhorSLA/s2Q4=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"1edbbf2041503367cd20cdbc28dde17b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c6d4000024889c27a000000001
cf-ray: 6631c2515a472488-FRA

OPTIONS
H/1.1 204
No Content crates
play.rust-lang.org/meta/ Frame 0
0 611ms
205ms Preflight 52.9.60.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://play.rust-lang.org/meta/crates
Protocol: HTTP/1.1
Server: 52.9.60.67 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-60-67.us-west-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://fromthemachine.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 22 Jun 2021 01:38:47 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: Content-Type
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H/1.1 200
OK crates Show response
play.rust-lang.org/meta/ 15 KB
15 KB 384ms
384ms XHR
application/json 52.9.60.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://play.rust-lang.org/meta/crates
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.1.4.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.60.67 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-60-67.us-west-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3a0c3eab4f89dab0442af528527fba850315dc232efe6595ab9fff75aff9e39a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 22 Jun 2021 01:38:47 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
Content-Length: 15395
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-576e94bdb4f80253/ 4 KB
2 KB 191ms
189ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-576e94bdb4f80253/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 57a1efaf1f3d6515d82c895ec4636b03c6d3597edde87e4279a4c10b29d2278e

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
etag: -838960525--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1367

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame 8D43 319 KB
103 KB 6ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffromthemachine.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6723) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://fromthemachine.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 13911
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Jun 2021 01:38:46 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6723)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
663 B 110ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fromthemachine.org&callback=_gfp_s_&client=ca-pub-9608809622006883

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210616/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9608809622006883&plah=fromthemachine.org&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b146b1c12f5c908a49eb5ba196cecc6547125d04378e348a9fa5f5e422b1cba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fromthemachine.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fromthemachine.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D9B 61 KB
21 KB 459ms
459ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9ee41824591595870b139c8ca5e0014996fc38a2a2035579af0c696d2ff74ec

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPuX9M6NqvECFSfZEQgdUE8IRA&gqi=Jj_RYOa6LdSHrATutKHICw&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPuX9M6NqvECFSfZEQgdUE8IRA&gqi=Jj_RYOa6LdSHrATutKHICw&layout=/sadbundle/%24csp%253Der3%24/12502976385620377600/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Jun 2021 01:38:47 GMT
server: cafe
content-length: 21124
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 22-Jun-2021 01:53:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Jun 2021 01:38:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274983153827"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27713
x-xss-protection: 0
expires: Tue, 22 Jun 2021 01:38:46 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 16ms
13ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-9608809622006883&c=11&e=2570847921467975139&n=0&t=0&w=6487&x=6

Requested by

Host: fromthemachine.org
URL: http://fromthemachine.org/XOXO.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Jun 2021 01:38:46 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 app.html Show response
hypothes.is/ Frame 76BC 821 B
954 B 30ms
29ms Document
text/html 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/app.html

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/annotator.bundle.js?1a3bfc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82060ad95ac293ed3c8c4a0095f4979eabc2f372a54ff2eb3e020a4570839098

Security Headers

Name	Value
Content-Security-Policy	script-src https://cdn.hypothes.is https://www.google-analytics.com; style-src https://cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: hypothes.is
:scheme: https
:path: /app.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-type: text/html; charset=UTF-8
content-security-policy: script-src https://cdn.hypothes.is https://www.google-analytics.com; style-src https://cdn.hypothes.is 'unsafe-inline'
expires: Tue, 22 Jun 2021 01:40:16 GMT
cache-control: public, max-age=1800
etag: W/"nSrhQ7skpGvPv96rUwfdsA"
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-xss-protection: 1; mode=block
vary: Cookie, Accept-Encoding
cf-cache-status: HIT
age: 210
cf-request-id: 0ad2f7c772000024885a261000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6631c2525b052488-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 8D43 256 B
441 B 209ms
139ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e1669fcba61bec8b9a623b87a257e356830596ad

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=http%3A%2F%2Ffromthemachine.org

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 01:38:46 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: eb61c32ee50850c4d6082b1070ba7186ce7ee9cb7d523d2d9c5b8915237e48a4
content-length: 176

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1602557630&t=pageview&_s=1&dl=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&ul=en-us&de=UTF-8&dt=XOXPA%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=642821172&gjid=1316061973&cid=1905207641.1624325927&tid=UA-74743044-1&_gid=1824661377.1624325927&_r=1&_slc=1&z=1065016570

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 01:38:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://fromthemachine.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 hypothesis Show response
cdn.hypothes.is/ Frame 76BC 8 KB
3 KB 15ms
15ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis

Requested by

Host: hypothes.is
URL: https://hypothes.is/app.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ab6ce3117f8d69f748869c6bea9f10a78d8666f7c60dd9709d00ccc38426efa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1755
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: MNFMQGEFTHW08T4A
x-amz-id-2: VLtKzTCF+y1Y1L2d0LHwJdOQ4Qqdr2y6yfVeLnC40NjvOZE+j12DHF14tNPNzCcTYfOaYRstebM=
last-modified: Mon, 21 Jun 2021 13:57:48 GMT
server: cloudflare
etag: W/"2caadf4a6132bfa784730fd08519405f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800, must-revalidate
cf-request-id: 0ad2f7c7bb0000248854bd3000000001
cf-ray: 6631c252cb652488-FRA

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-74743044-1&cid=1905207641.1624325927&jid=642821172&gjid=1316061973&_gid=1824661377.1624325927&_u=IAhAAEAAAAAAAC~&z=1645988884

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Jun 2021 01:38:46 GMT
content-type: text/plain
access-control-allow-origin: http://fromthemachine.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
hypothes.is/api/ Frame 76BC 3 KB
1 KB 19ms
18ms Other
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a1c8a3ee6d5df3e423fc8670ae6d35e6cd7cfccf0c2df02a9b1cf855ef3f1e9

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://hypothes.is
Referer: https://hypothes.is/app.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 292
hypothesis-media-type: application/vnd.hypothesis.v1+json
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c7dc000024888b2d1000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"P5Qx9N14kzbJuyr+OpXs9g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public, max-age=1800
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c252fb812488-FRA
expires: Tue, 22 Jun 2021 01:38:54 GMT

GET
H3-29 200 links
hypothes.is/api/ Frame 76BC 459 B
771 B 646ms
644ms Other
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/links

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3acf456c94b3d523a136972b5575aa495e93f068753ee73c54b8a585a0eef6ef

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://hypothes.is
Referer: https://hypothes.is/app.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c7dc00002488aa225000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"E5X7RvogS0IqGohOA+Icsg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=300, public
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c252fb822488-FRA
expires: Tue, 22 Jun 2021 01:43:47 GMT

GET
H3-29 200 sentry.bundle.js Show response
cdn.hypothes.is/hypothesis/1.807.0/build/scripts/ Frame 76BC 105 KB
28 KB 29ms
27ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3433bad31c5b77f78e64528dd4ed70fb03e44feb36d360a41e9b420a3b6af26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5Y56QDVWX39WN8WR
x-amz-id-2: 2ppTJN8qSjs40OdYlKuxAKuklaGyuM5tpFm3HWjJ7JNAB8q/TAEuEkXo/FOnVesifNuy7w2U6lk=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"ca3115058c181534b1bef8531fe74698"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7dd00002488601aa000000001
cf-ray: 6631c252fb852488-FRA

GET
H3-29 200 katex.bundle.js Show response
cdn.hypothes.is/hypothesis/1.807.0/build/scripts/ Frame 76BC 253 KB
67 KB 33ms
31ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/katex.bundle.js?29a350

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fdf56eb20465f4374e660f449d05bdd82b90d979125d4fe74348e979a028d58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5Y5B4539V2FZF99X
x-amz-id-2: 0yJTfWtr2RUKnIMC3lMt4EqfkryAf1U/NBFqQj94dLI1Ma73gFkXuDY9YsMiobs5zhALkBsG0xg=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"c07b49e4e66b73de002b44840d5d7da9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7dd0000248866354000000001
cf-ray: 6631c252fb862488-FRA

GET
H3-29 200 showdown.bundle.js Show response
cdn.hypothes.is/hypothesis/1.807.0/build/scripts/ Frame 76BC 75 KB
23 KB 27ms
25ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/showdown.bundle.js?3a22fe

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b196f3f0649adaf2ce80b6b5a1db340a6263e733e4c84d2bbea14049c66c53f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5Y5C47V7SRY220FD
x-amz-id-2: +iavG35p7kNE9IGRr0LjK/FUDANKrkm7lonzL1CcTD+vvnWQR5QYrMo+OJik6QDPiwNg+5pdlJo=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"6fac0485b2514f3514a4eedd88b24966"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7de000024888fac6000000001
cf-ray: 6631c252fb892488-FRA

GET
H3-29 200 sidebar.bundle.js Show response
cdn.hypothes.is/hypothesis/1.807.0/build/scripts/ Frame 76BC 352 KB
85 KB 39ms
37ms Script
application/javascript 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sidebar.bundle.js?dd08d9

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73831fd4d145f4373f716e2ad4d9777d50660bfd8cb6dea05b3b6da0f49eb9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PE4JZTDT9D4A8JHX
x-amz-id-2: 5B7YLAbIkhT1930pGDc32oZ+akRBp3l8ker9UlFbWRghOyyJLrL4bvl7CurChTDtANvxKuC6B5g=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"a88b3fcd43a16f0d5694d5b38246fd83"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7de00002488bd3d9000000001
cf-ray: 6631c252fb8b2488-FRA

GET
H3-29 200 katex.min.css
cdn.hypothes.is/hypothesis/1.807.0/build/styles/ Frame 76BC 23 KB
4 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/styles/katex.min.css?74928a

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2df500fb9577ab7f19f06fbe1673b13c361dcb052462bf4604109080c66cee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: 5Y5A2RAHCBHQ7231
x-amz-id-2: EuH0ADpXSa3wfB6frHJnlhZG3qGPYy0Fj1TXuJPeUGSwYulF3lQYhIKzFRD1uhtHN/rffl1azBE=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"24f8c8a3c4c75f3e1c57120bc785c6e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7dd0000248886019000000001
cf-ray: 6631c252fb832488-FRA

GET
H3-29 200 sidebar.css
cdn.hypothes.is/hypothesis/1.807.0/build/styles/ Frame 76BC 68 KB
9 KB 17ms
16ms Stylesheet
text/css 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.hypothes.is/hypothesis/1.807.0/build/styles/sidebar.css?e46a64

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66c60190cf607f99e53e7a55b4d17fde845a3bbaed509d517b36d00e097df4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 41474
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id: PE4Y4F28P0NNBZZ5
x-amz-id-2: 9L9Vs8BewU/biLJhS+anJzLqA05PIEEnHL6vsR3KFZa/qEn+Q6xo58EtWLgbmRse4CwnlPDqvdY=
last-modified: Mon, 21 Jun 2021 13:57:46 GMT
server: cloudflare
etag: W/"7bdfeba0cf9ce090b5c7505cb9343811"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=315360000, immutable
cf-request-id: 0ad2f7c7dd00002488cba1b000000001
cf-ray: 6631c252fb882488-FRA

POST
H/1.1 200
OK / Show response
sentry.io/api/69811/envelope/ Frame 76BC 2 B
401 B 572ms
142ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/69811/envelope/?sentry_key=31109f033e4e4e079fb4ac6469656eb5&sentry_version=7

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://hypothes.is/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 22 Jun 2021 01:38:47 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://hypothes.is
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

GET
H3-29 200 groups Show response
hypothes.is/api/profile/ Frame 76BC 2 B
563 B 671ms
670ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/profile/groups?expand=organization&expand=scopes

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2
cf-request-id: 0ad2f7c8860000248886020000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
date: Tue, 22 Jun 2021 01:38:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
etag: "11FxOYiYfpMxmANj4kGJzg"
cf-ray: 6631c2540c3d2488-FRA

GET
H3-29 200 groups Show response
hypothes.is/api/ Frame 76BC 362 B
741 B 668ms
667ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/groups?expand=organization&expand=scopes

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a471a5f153e1245b411362a12da37a8c2f526442a5c5735c7cabda9b257820

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c882000024887a935000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"2RFKhCJ17PnAIkQpZpH1tQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c2540c3e2488-FRA

GET
H3-29 200 profile Show response
hypothes.is/api/ Frame 76BC 228 B
701 B 180ms
179ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/profile

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681f81b138594bb718b17b23dc6f4e9fe463dc36f831d00911b7550f2091d592

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c8840000248854bd9000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"LOLu4l5t1fsGp37d1sSu0w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c2540c402488-FRA

GET
H2 200 custom-messages.5799ddf75a30812a3d49.js Show response
s7.addthis.com/static/ 114 KB
28 KB 34ms
34ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e08ee0a0555b2527719a5d5581fb11ae492e0a111be1f89ceedd3b51e995c7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-1c9fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 22 Jun 2021 01:38:47 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 28521

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 37ms
37ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 22 Jun 2021 01:38:47 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H3-29 200 groups Show response
hypothes.is/api/profile/ Frame 76BC 2 B
563 B 623ms
622ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/profile/groups?expand=organization&expand=scopes

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2
cf-request-id: 0ad2f7c8b400002488a393c000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
date: Tue, 22 Jun 2021 01:38:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
etag: "11FxOYiYfpMxmANj4kGJzg"
cf-ray: 6631c2545c772488-FRA

GET
H3-29 200 groups Show response
hypothes.is/api/ Frame 76BC 362 B
741 B 645ms
645ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/groups?document_uri=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&expand=organization&expand=scopes

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a471a5f153e1245b411362a12da37a8c2f526442a5c5735c7cabda9b257820

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7c8b500002488adbe8000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"2RFKhCJ17PnAIkQpZpH1tQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c2545c782488-FRA

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame 8D9B 3 KB
1 KB 52ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jul 2021 01:18:30 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D9B 122 KB
37 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1624274989777919"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38141
x-xss-protection: 0
expires: Tue, 22 Jun 2021 01:38:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/ Frame 8D9B 13 KB
6 KB 51ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210617/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:17:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5706
x-xss-protection: 0
server: cafe
etag: 5108850372203985220
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Jul 2021 01:17:21 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame EBAA 369 KB
35 KB 44ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/12502976385620377600/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 19 Jun 2021 04:55:28 GMT
expires: Sun, 19 Jun 2022 04:55:28 GMT
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 34639
age: 247399
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8D9B 0
0 31ms
25ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CbOb3Jj_RYPvsLaeyx_AP0J6hoASAkdP4YoTpysG1Db__uePXAhABIMz9uS5glQKgAdTQ0JcDyAEJqQJ8c0Zbiv6zPqgDAcgDAqoEuwFP0LXQjnMpaaKuky7MhjNOmegYGRUZCg3U4AfR69zwdpD8dRWjxE04eW0YbRt2-JsNVLN4HoruQS8oz7vef_IBBTYaH7p8p1uyg77LAFnQh0LU8NOz4cjsIIeYZx5paLCgVlBH9l6it4iAvPW3Uzmrh1meaP7gJ8dkmoyVQzVQ2cz2m5nOmNX9Ra3KbJe6kqcDL7_xYzhFJsvBLDI91iAt9GDVH4VHu1M9Ovm1pXjuGif5KiCJFAOhfId9wASmjfPbvwOSBQQIBBgBkgUECAUYBKAGXYAHy__cbKgHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCl2ATSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItOTYwODgwOTYyMjAwNjg4Mw&sigh=iFe5W0DHQMU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 22 Jun 2021 01:38:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Jun 2021 01:38:47 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82DA 143 B
163 B 17ms
17ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&h=90&slotname=4355365452&adk=1291094228&adf=3455968263&pi=t.ma~as.4355365452&w=728&lmt=1614001644&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&flash=0&wgl=1&dt=1624325926362&bpp=15&bdt=416&idt=351&shv=r20210616&cbv=%2Fr20190131&ptt=5&saldr=sa&abxe=1&correlator=8490097124984&frm=20&pv=2&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=586&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&pvsid=410151480498104&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=NcrmckmQ9W&p=http%3A//fromthemachine.org&dtd=372

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 22 Jun 2021 00:47:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3092
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8D9B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ebc4e2b4b261f794b8d632306e77c5c39d1e41561d9c178076432a5c276642f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
15ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHmcanGP3QKfTP8cR3uAfOA3q6Gfyj0_eyB1EGe4BIRzsNAL0K1HLDA2QZ7vs
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Jun 2021 01:38:47 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 22-Jun-2021 02:38:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 22 Jun 2021 01:38:47 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Jun 2021 01:38:47 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 css
fonts.googleapis.com/ Frame EBAA 2 KB
566 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inter:800

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 23:55:46 GMT
server: ESF
date: Tue, 22 Jun 2021 01:38:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Jun 2021 01:38:47 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EBAA 16 KB
6 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 07:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 22 Jun 2021 07:51:03 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EBAA 26 KB
10 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 08:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63489
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 22 Jun 2021 08:00:38 GMT

GET
H3-29 200 UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2
fonts.gstatic.com/s/inter/v3/ Frame EBAA 18 KB
18 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v3/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuDyYAZ9hiA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter:800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 11:59:04 GMT
x-content-type-options: nosniff
age: 221983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18116
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:31:27 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:59:04 GMT

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a549bce3670f132c209e19fb89bdbccc1f99662929c90b49d2202bca143a691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48924
x-xss-protection: 0
server: cafe
etag: 7348797387069870
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Jun 2021 01:38:47 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
20ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210616&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f76dc3c35f85363d62f86f61dc2d801aa3692cdc86475051aa6f528d7d0eb111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8468
x-xss-protection: 0

GET
H3-29 200 Grover_Logo_Claim-top-White.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame EBAA 8 KB
2 KB 11ms
8ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/Grover_Logo_Claim-top-White.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 223636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2144
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 11:31:31 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:31:31 GMT

GET
H3-29 200 sim.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame EBAA 8 KB
8 KB 9ms
8ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/sim.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 223909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 11:26:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 11:26:58 GMT

GET
H3-29 200 phones_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame EBAA 48 KB
48 KB 9ms
9ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/phones_2.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 221067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48894
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 12:14:20 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:14:20 GMT

GET
H3-29 200 1phones.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/ Frame EBAA 26 KB
26 KB 11ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12502976385620377600/1phones.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 219135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26884
x-xss-protection: 0
last-modified: Fri, 23 Apr 2021 11:57:52 GMT
server: sffe
date: Sat, 19 Jun 2021 12:46:32 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 12:46:32 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 22 Jun 2021 01:38:47 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/ Frame 4E83 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210616/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210616/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHmcanGP3QKfTP8cR3uAfOA3q6Gfyj0_eyB1EGe4BIRzsNAL0K1HLDA2QZ7vs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 21 Jun 2021 19:02:37 GMT
expires: Mon, 05 Jul 2021 19:02:37 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 23770
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 24ms
23ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&tn=DIV&id=sidebar&cls=sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Jun 2021 01:38:47 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ 0
459 B 24ms
18ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&tn=DIV&id=sidebar&cls=sidebar&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Jun 2021 01:38:47 GMT
X-Content-Type-Options: nosniff
Server: cafe
Timing-Allow-Origin: *
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Content-Type: image/gif
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 40ms
16ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fromthemachine.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 39ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fromthemachine.org

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E7EE 0
16 B 20ms
20ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9608809622006883&output=html&adk=1812271804&adf=3025194257&lmt=1614001644&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&ea=0&flash=0&pra=7&wgl=1&dt=1624325927493&bpp=3&bdt=1547&idt=3&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De6b9dba7e22c0a74-2273dbde14c90032%3AT%3D1624325926%3ART%3D1624325926%3AS%3DALNI_MYLcvU_lLboJU9CCYpGh6_QnMMXoA&prev_slotnames=4355365452&nras=1&correlator=8490097124984&frm=20&pv=1&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&psts=AGkb-H80Iz41RhN_2gVqtBcq617w3UdUOKkxjpAV0dKsplPuIdOS5_qmCFcv2skLK35huYgYz-lpG4ESE-E&pvsid=410151480498104&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=50

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-9608809622006883&output=html&adk=1812271804&adf=3025194257&lmt=1614001644&plat=1%3A16809992%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&ea=0&flash=0&pra=7&wgl=1&dt=1624325927493&bpp=3&bdt=1547&idt=3&shv=r20210616&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&cookie=ID%3De6b9dba7e22c0a74-2273dbde14c90032%3AT%3D1624325926%3ART%3D1624325926%3AS%3DALNI_MYLcvU_lLboJU9CCYpGh6_QnMMXoA&prev_slotnames=4355365452&nras=1&correlator=8490097124984&frm=20&pv=1&ga_vid=1905207641.1624325927&ga_sid=1624325927&ga_hid=1602557630&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061485%2C31061334%2C44744170&oid=3&psts=AGkb-H80Iz41RhN_2gVqtBcq617w3UdUOKkxjpAV0dKsplPuIdOS5_qmCFcv2skLK35huYgYz-lpG4ESE-E&pvsid=410151480498104&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnHmcanGP3QKfTP8cR3uAfOA3q6Gfyj0_eyB1EGe4BIRzsNAL0K1HLDA2QZ7vs; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 22 Jun 2021 01:38:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 1CC9 12 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 21 Jun 2021 21:31:09 GMT
expires: Tue, 21 Jun 2022 21:31:09 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B612 783 B
532 B 28ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb9195c4b76e08802850a8c18daefe6b2fe4349de48e078f0ce59cc4443227cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T4MXRSeZrt2MSTQIbRckhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://fromthemachine.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://fromthemachine.org/

Response headers

expires: Tue, 22 Jun 2021 01:38:47 GMT
date: Tue, 22 Jun 2021 01:38:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-T4MXRSeZrt2MSTQIbRckhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1CC9 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 21:31:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 21 Jun 2022 21:31:09 GMT

GET
H2 200 151.67aec2e0546e639563bb.js Show response
s7.addthis.com/static/ 2 KB
1 KB 35ms
35ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/151.67aec2e0546e639563bb.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-68f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 22 Jun 2021 01:38:47 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 815

GET
H3-29 200 logo
hypothes.is/organizations/__default__/ Frame 76BC 1 KB
1 KB 201ms
200ms Image
image/svg+xml 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hypothes.is/organizations/__default__/logo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b57a0ce6fca0c3a80c7d930bc89d872b28683e5d2a55117b2636b16cdf87ef03

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Jun 2021 01:38:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7cb5b0000248897bd4000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"Am2sVrSvzhSUTTa2beuWlw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Encoding
content-type: image/svg+xml; charset=UTF-8
x-xss-protection: 1; mode=block
cache-control: max-age=600
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c2589fa72488-FRA
expires: Tue, 22 Jun 2021 01:48:47 GMT

GET
H3-29 200 search Show response
hypothes.is/api/ Frame 76BC 24 B
590 B 638ms
638ms Fetch
application/json 2606:4700:10::6816:379f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hypothes.is/api/search?_separate_replies=false&group=__world__&limit=50&order=asc&sort=created&uri=http%3A%2F%2Ffromthemachine.org%2FXOXO.html&uri=urn%3Ax-dc%3Alamc.la%2FXOXO.html

Requested by

Host: cdn.hypothes.is
URL: https://cdn.hypothes.is/hypothesis/1.807.0/build/scripts/sentry.bundle.js?06385a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:379f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6526d6fe25b1a1dc41108a0ecf63336ec8b93f02b97249ad027df78bd6316b77

Security Headers

Name	Value
Content-Security-Policy	font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hypothes.is/app.html
X-Client-Id: 70d4afcd7b27aeee8fb3313b4e74814b
Hypothesis-Client-Version: 1.807.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 22 Jun 2021 01:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
hypothesis-media-type: application/vnd.hypothesis.v1+json
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ad2f7cbc100002488601c8000000001
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: cloudflare
etag: W/"M9iO1sCkxF1xd6XoQr8iGw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache
content-security-policy: font-src 'self' fonts.gstatic.com cdn.hypothes.is; script-src 'self' cdn.hypothes.is www.google-analytics.com; style-src 'self' fonts.googleapis.com cdn.hypothes.is 'unsafe-inline'
cf-ray: 6631c259382d2488-FRA

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gda_r20210616&jk=410151480498104&bg=!3t2l3ZnNAAZktE7iZLQ7ACkAdvg8WmRPggXA5SFCoD4su_Y88CcINWXGRFKuURxxAkQiltzOW74B-wIAAADnUgAAAA5oAQcKAHO89eL-q3B8Jb_jvo5MXjl5QD5OV603ncMFV-icv6qI56uspVQJnm5fMNI9p4FDQkUEf9ZO3HEkcJDuxRuPwd5JNt5at60VurAcxX6_iSj2GD7nDElCA6SQFZySohZ98tEhfvBgQ1P9ozWY62UwNTdPykl2mQJvJeqpmm68ViIclDCdfGukY-WzwzfkNvqFg1v2HwjpxWqKN7rVYshI_hKoJaMH5YtpNDj4bFe_v9TvLQqNJz4NzIFPDScyX76bNp3oSWYTuFeOnAHKsEfnW8Nr0t_5TLqPu-91rqbpkDTcrg5o2Hgr3cKqqb0OQpl1bO9YfrMCFH-6ULCBjbmaUBBfpTV7I6sZlO9y5QbjIlfQL7XkiQunixX9bdwsFJHBmd29jP22To1U0gpilUWHw9Gl_c2uCbyuUpeAazBFWAta3q5NHjqkEKY5v7dF9JMTeUfrfUw0-Od-Uatd5vM0mDTC4GjKSxPeTsL-L88Hc4yGL-wtkVgjf6wViAuhoDndj4n78UlF7IRZ6H4BXcodtduAeuDdMvlkpoczOQUDBoOkEtUIr5iiBJ9_VeUM6p_5hF1_eYPSkBeRMsLj8N24OAsLNRjByPVEnacTZHTQregzWE7Jgy0B8rUeYI11ZgRxq7IV5np4BfRc0K1KpXTmp20gqbVw7mr2Bio-5VO270SnChe-LJsXuaHkIMwoSeKyiSefgRYT7-tNQJk-HW6JXKqDsEqyfUzzD2SI3ffMfHDsPV0RWbsg3mXTfbYxqcSB7by1Yt81u_xAYAm62TZbSZruBz6HvAx6gdWmwx6folv95ZsDvP5chsDBhhnQCTDL07r_LMlitbRRQgWRJjbX-ltNT3puinBpq0r20LbbQxleKMAeapEbY3i7i-CIrsJNiyOyDhYjR0lEceaIkKNNYPRd5z4-Ux5Af49Q-HvU6KPO40VtccN8VS5RKvzB6ATqHharGA1pTUWLTC4D1MJzeKiH7maKxeY

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fromthemachine.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 01:38:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D9B 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutS_JjZ-xenTqbG6FNaj4ooHTpJYGBX_NNGvAiUnR_WrN8ZcVHul7T3WwcEDeqUG2kOQaKb3edANWVCjBksA51FcU6RxpDQ1u9b2-WF9dN5SwJpDSUDFTG_xBtTg&sai=AMfl-YTRNzjM-7i6j05Ffpj_I4UOXEPNCMKUWxueW33lJ_JCKxuC5KAb3u9MCsND3wZT2xb1Zkb1Wsbcacz5&sig=Cg0ArKJSzOkrg6GR36KbEAE&id=lidar2&mcvt=1000&p=148,586,238,1314&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210621&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1291094228&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1624325926738&dlt=462&rpt=205&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Jun 2021 01:38:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 19:12:09	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 04:33:41	Name: IDE Value: AHWqTUnHmcanGP3QKfTP8cR3uAfOA3q6Gfyj0_eyB1EGe4BIRzsNAL0K1HLDA2QZ7vs
.fromthemachine.org/	1970-01-20 04:33:41	Name: __gads Value: ID=e6b9dba7e22c0a74-2273dbde14c90032:T=1624325926:RT=1624325926:S=ALNI_MYLcvU_lLboJU9CCYpGh6_QnMMXoA
.fromthemachine.org/	1970-01-19 19:13:32	Name: _gid Value: GA1.2.1824661377.1624325927
.fromthemachine.org/	1970-01-20 12:43:17	Name: _ga Value: GA1.2.1905207641.1624325927
fromthemachine.org/	1970-01-19 19:12:07	Name: __atuvs Value: 60d13f26bf6023eb000
fromthemachine.org/	1970-01-20 04:40:53	Name: __atuvc Value: 1%7C25
.fromthemachine.org/	1970-01-19 19:12:05	Name: _gat Value: 1
fromthemachine.org/	1970-01-25 20:31:23	Name: mdbook-theme Value: %22light%22

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

addsearch.com
adservice.google.com
adservice.google.de
cdn.hypothes.is
cdn.jsdelivr.net
code.jquery.com
eyerc.slack.com
fonts.googleapis.com
fonts.gstatic.com
fromthemachine.org
googleads.g.doubleclick.net
highenius.files.wordpress.com
hypothes.is
i.imgur.com
join.slack.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
play.rust-lang.org
s7.addthis.com
sentry.io
slack.reallyhim.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
z.moatads.com
104.244.42.72
104.75.88.126
142.250.184.226
144.202.76.220
151.101.112.193
184.168.131.241
192.0.72.31
2.18.235.40
2001:4de0:ac18::1:a:1b
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:379f
2606:4700:10::ac43:1687
2606:4700::6810:5814
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:802::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9d
3.123.248.34
35.188.42.15
52.166.11.26
52.9.60.67
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07a471a5f153e1245b411362a12da37a8c2f526442a5c5735c7cabda9b257820
0a549bce3670f132c209e19fb89bdbccc1f99662929c90b49d2202bca143a691
0e1994f140b8ac2ae15ea4f47cb2849cb92d2217e2ba1185c859bcddbf2fb01c
0f5744347d66081ac6eabb1d10e4971004ff15fc76bd8116b09ae436bc3920c6
125d1f1220f760e33bb88559cedc90ce66db3e58048f4a09571456ce2521e141
176bf34c69ad4b716195073e854bcb902e052f159870b34de9886245f48bec6c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1936d2bb74b8bae24a900ca8c94263758374e6be4474529ec23286de88f3cfea
1971d847918a3c14e2963d68bf846e1152553b57cc66cffd33d9ad40cf5d237e
1ea901577fd64178b72730a9f203acbda8801a66f7caf920b59257b13876eae2
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
21ba124382674241bb79561abedb2bf32eb6eb6fa2b27685e46a9de6d6914f8b
23c56c92dfcb49180cd6f508ea5f035e15644630d199966864084aecc79be53f
2c651ff0621106c5346f5ddafc64bc215b52f60dd06154175560daa67817c57d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2faae2be68bdb84fa668d99755942a234bef3b8e3120ce4145f5bc63bca71a22
3433bad31c5b77f78e64528dd4ed70fb03e44feb36d360a41e9b420a3b6af26e
3a0c3eab4f89dab0442af528527fba850315dc232efe6595ab9fff75aff9e39a
3acf456c94b3d523a136972b5575aa495e93f068753ee73c54b8a585a0eef6ef
3bc9d28f4e64c676c58b31ad6578ca7f3f383cca647bf363916d4ee8982c3b08
3cbd8900f8306e079ec022b606ce7f4415076a15d1597c7efd87f06f2dacf3ed
3f1acbd1edc467983f4ef78212ab6d998289cb068cfabe083735421976b65ae3
3fcd80e70d20feff525124055bd9b02a406758e9b0ce913930d1659e7644f7ae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
4829d575d0a3d289850f711a4bda115f59a4c8edcbad721ced117b5ffe5923cd
490407845cbcf0b8b85cef4e0b80de6777ee5473b8840a83c7e555cb3484309e
4ab6ce3117f8d69f748869c6bea9f10a78d8666f7c60dd9709d00ccc38426efa
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
517ee8a1d0e3438c13fe609412789c12bf6e3dbffd461694e6b7596378d40f75
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
54564950af03fb1e8ca33b33c84dcc3889553a65f4c8b2cc64c6dbd9f0b7423c
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
57a1efaf1f3d6515d82c895ec4636b03c6d3597edde87e4279a4c10b29d2278e
5b1185806a2cc9607b3e65113c322d54eb21033d942a822d07e61c904290e967
5efef8c94e6b688ce0ab6ab21c40b50b49b6f7b149e593a285d7f44064fb548e
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61435026e22c7901be6c8ceadf471f2051d380872e8c505c2f12f4ef5f0ca8ff
6526d6fe25b1a1dc41108a0ecf63336ec8b93f02b97249ad027df78bd6316b77
66c60190cf607f99e53e7a55b4d17fde845a3bbaed509d517b36d00e097df4eb
670f823a01b0f3f4963471587ffb791302304ec4d46fa535a71626959dee19ab
681f81b138594bb718b17b23dc6f4e9fe463dc36f831d00911b7550f2091d592
68411ef0dad03039d342a20bf9954df7655cb2da9b9abf2690f8132f86388958
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73831fd4d145f4373f716e2ad4d9777d50660bfd8cb6dea05b3b6da0f49eb9b3
7879d78037d434e71ea57d8f5f383047c780f829d4ec21fcb92577d04042fb5e
7a1c8a3ee6d5df3e423fc8670ae6d35e6cd7cfccf0c2df02a9b1cf855ef3f1e9
805dc2ef7778678ace99530207d0bcda25f70b3c2ae08bca8259c079454eb0a4
80a1319a8d1ffffe9c9f805f8db621b0e3470d4d72225e76ecc170018d71fbf3
82060ad95ac293ed3c8c4a0095f4979eabc2f372a54ff2eb3e020a4570839098
8ebc4e2b4b261f794b8d632306e77c5c39d1e41561d9c178076432a5c276642f
98ba2e1fef17c14f30d59cd311adb42f9393ba132e6689fb5784e092a5638606
9fdf56eb20465f4374e660f449d05bdd82b90d979125d4fe74348e979a028d58
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a26e80434d81a445db6cb57837b6f503f61dabfda56af3ba0d8e1430d5eb77a7
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b8c58d796999d01c3443c5d6a46f8cd5a887ba4e2c10dfe7387c8fe98a2259
a762c312f492a6ba680a134c2e76fa1596f6a794ae3218d4a565a211a5b35ff9
a968e1e608346680b060a6d1f549137207165f63e8d5c6ae9259a153daa3a423
a9ee41824591595870b139c8ca5e0014996fc38a2a2035579af0c696d2ff74ec
aa4607112a6b3245394fee13973cf8cf8a22b727f919f60636436a945886005b
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
abcb11f0de8e958fadc5fccad999ae2fec12f061480a4a76fa0309cbee82b61c
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9463526658255e613334f325ee3a9050081e58958e436deaa47a587142d1c8
b026d5118326e37e2324456275ac6971462e1c6a8a90213c55bb4a098aa3b4f4
b146b1c12f5c908a49eb5ba196cecc6547125d04378e348a9fa5f5e422b1cba0
b196f3f0649adaf2ce80b6b5a1db340a6263e733e4c84d2bbea14049c66c53f8
b57a0ce6fca0c3a80c7d930bc89d872b28683e5d2a55117b2636b16cdf87ef03
b6948fda2f652f44b46f97dda38829b55c66f2b235fd29618ed7c1343cfb184d
b8c17e5dd0633499e73cab90d02e2ee089e60b718c6a917e9b1c3b418c15c179
bd7149aa4950e91e82890745065757adbc2edd178ba8efce12db79674d040041
bfdea8a45b51df3c3e469787c0a8962c84063788aaaea185b481d47258cb4fc2
c50d01aea634fb78b058fa95bfa93e8338a5595a6e1cf9c34822f82a0176e418
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c969efceff108562296b3425ced4ae3921ebf7baf40958c4b500c7d075ae350a
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cbccfa590695598c53fb4450abf824b7281fa60464ccf9a9b383d1d8ba375979
d1b1ae274b98b536cad52a99915d4fc0670fb156a0404ad097c4e873c7422f5b
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d847fd1b5a9d29570c4a4c56f42c4a139edee0d7bb09ec553b9de13657ab7c18
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
dffaa2a776934274701cbdb0578220001d54e671189ccef40fee0addb6348806
e08ee0a0555b2527719a5d5581fb11ae492e0a111be1f89ceedd3b51e995c7c5
e1fa72e38624f68bc2039aded02a054eead1fbf24646f4df60abcacc665a8690
e2df500fb9577ab7f19f06fbe1673b13c361dcb052462bf4604109080c66cee7
e31df2644a9070cc082f2a77dbcc355f11598e82e718f7634fc7d17cfa05fc17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea36e0ae829a1787f304bafbbfa15b5b46896ba5e0149f800f6ed8c9767aa0f4
ed74252c8fc00f1fe979bce016a6d22caa67def67abcac039993c46fe8e5e1f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f03119a0b9bdfaf4b69b410a40c5cce3f1a884838053897428cd23ea50d2b34d
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f2bea9a2c2225104635af594b0eb20e9d57b975ca1f86753fccb03dcbf36566f
f4dc34ff1ebeb1f786c4a6fd3f1dc373519c0423f40afe2968589a7e123b20ab
f59cb37dcc75abac01f34cf0cdfa362737983042379f6c928a4ed03b29b6cdbd
f76dc3c35f85363d62f86f61dc2d801aa3692cdc86475051aa6f528d7d0eb111
f8deed8d38bdd3b2902629c02ad1eb000b082b2519fb73d31a63d37181cf77fc
fb9195c4b76e08802850a8c18daefe6b2fe4349de48e078f0ce59cc4443227cc
fcd170649883f49651924a2af395995f1c37dd854b0a4a4ed22318f44f2114fa

fromthemachine.org Open in urlscan Pro 144.202.76.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

119 Requests

87 %HTTPS

61 %IPv6

25 Domains

31 Subdomains

30 IPs

4 Countries

3893 kBTransfer

6608 kBSize

9 Cookies

27 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

fromthemachine.org Open in urlscan Pro
144.202.76.220 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

87 %
HTTPS

61 %
IPv6

25
Domains

31
Subdomains

30
IPs

4
Countries

3893 kB
Transfer

6608 kB
Size

9
Cookies

119 HTTP transactions
1 data transactions