distrib.addon-continue.com Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://nytimetv.grooveblog.com/?v=11 Page URL
2. https://usanewsnews.grooveblog.com/?v=3 Page URL
3. https://cchcontent.com/?k=b21e7b98c4c12f728e1018bbb1c93f22&type=mainstream&subtype=global&data1=PC HTTP 302
   https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966 Page URL
   
4. https://buzzonclick.com/jump/next.php?stamat=m%257CfzYjejNjaQdHkAH0dEdHP3xP.8a0%252C7H0PozvLiGV-YkDx825CHkjWOAjQrPDojABVqIMJIHOXo-5r07hM-iQ6Bco_kQuk2WwJoNC7jlab4WkoJS1-e-ssUkqLSZIoHjuE2rgv0YNT2Ajl2jhTwFrlC-DfefzDKo0uj8BVYN5An06ZZBkX7g%252C%252C&cbpage=https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966&cbur=0.4772713950335101&cbtitle=&cbiframe=0&cbWidth=1600&cbHeight=1200&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fusanewsnews.grooveblog.com%2F&ufp=Win32%2FMozilla%2FNetscape%2Ftrue%2Ffalse1600x1200-120de-DE81724%20bits HTTP 302
   https://buzzonclick.com/script/i.php?t=1&c=23735514&stamat=m%257C%252C%252CgjPqd3IyoGU3BZ-GH0dEdHP3xP.32b%252CwPjbJlkCZg8i3R-NrS2KTvROexIimEaI5E5nYrlZQo3rEpJzFmoe21gEN2f_l5n3vsqxqPkpvuupjdUsf-_50R2AQGz9vf_gQ22PvNLflDaSLq6VMER2b9AYjBEYUrHc3v4uD6elIO2lWgqRzfBLBXV_DFGJpyIK2XZVdc-FGqSZDgnow1kQe8J6TPqPqmX6YLBKWHRnSI3yhJvp-bTzHZ4Q53FD0PXO5E1fQ-EWDjos--9CNmQyLX648VN8fWwsiBKSJfdtDHOpEB1nVg5eiguRtYaP5OiAzUr4XyhqUDNFCOL80jA-qfEd7Wh48I_ItvP5DSkDEP2xdHmUQ98DiLkr9T9M63r0BdtCVywacfoSCf7ZwsxFhjQa45Rkst3LHJgQ1IwB8fpqSl358g50kX8RSyoqMbg_3Qn6ClkV88h7Ceej6YmQTqqidszdi7Htz4dQbOGxOtZ6y1B9PICJQjmX25jdetuU6YQnDANFV9ePqvVI5ilyhIWsUvkOyXTErBWIX62HvL1ksP8mJKV-Lzd49fbwHEnni_IJZ1yo38TL96_hKYw0teieVqWZGi5b5y2zDSb54PcihcU8Ntqg01_A0mKACFzvixaVvNrtM6nQwFvl9kllsrjGKZjRw06GE23rxBGvb-SKN4o-LSXbIKHahLKIJTjFO_hVDGNAsv6hPVwN8ha1DIVHVJG_SNqOPlfDNdgEhOOMxYJszhOt7A%252C%252C HTTP 302
   https://tracking.trackingshub.com/click?pid=6&offer_id=2435274&sub1=171401776610000TDETV62001R1b60R1010R2R1011R8bb6Rc7cbRaed16V86277&sub2=5660982-4035621963-0 HTTP 302
   https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=6629d5e7f1e763000139c393&source=6_5660982-4035621963-0 HTTP 307
   https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

• https://cchcontent.com/?k=b21e7b98c4c12f728e1018bbb1c93f22&type=mainstream&subtype=global&data1=PC HTTP 302
• https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response nytimetv.grooveblog.com/	25 KB 5 KB	308ms 222ms	Document text/html	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9718ceedbdbc2863d20405cad3b5253fe33fe828a3a1b3d33f592abbaaa8ac0b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 879b706f4d269731-FRA content-encoding gzip content-type text/html date Thu, 25 Apr 2024 04:02:43 GMT last-modified Thu, 25 Apr 2024 00:34:06 GMT server cloudflare
GET H/1.1	200 OK	combobreaker Show response back.lacentral.vip/api/scripts/	2 KB 2 KB	285ms 86ms	Script application/javascript	91.148.141.242 DAINTERNATIONALGROUP
General Check archive.org Show headers Download Go to Full URL https://back.lacentral.vip:3069/api/scripts/combobreaker?contador=onlyithenewf&owner=garcia3&isbot=false&before=true&selectedcountry= Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG), Reverse DNS e-relab.mobi Software / Express Resource Hash 98b2033c5103fe3937748ac75561ed99e8c2d2a2a901f8d99c6565e9abf4b10d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin * Date Thu, 25 Apr 2024 04:02:44 GMT Connection keep-alive X-Powered-By Express Keep-Alive timeout=5 Transfer-Encoding chunked Content-Type application/javascript
GET H2	200	e7647a48d4.js Show response kit.fontawesome.com/	12 KB 5 KB	185ms 33ms	Script text/javascript	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/e7647a48d4.js Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2aad277b5ddbcbbb152a9c10767f5c2aca0cc3376139e6f767823a0206c23f2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Origin https://nytimetv.grooveblog.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 21 vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 879b70720c82694b-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F8lhZZMqgGwO4SqEzihB
GET H3	200	tailwind.min.css cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/	2 MB 46 KB	65ms 34ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/tailwind.min.css Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 3661785 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46782 last-modified Fri, 23 Oct 2020 19:32:33 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f932fd1-1e0602" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fgu%2FxCklSi0vWRnr7avq7RVnfWC1iCgene3urqpUDLkxFALepyhpevVMxH9R7McbBkqBQ7nGuNr%2BErLRrrtnai79o8gYhzWDdmTraud%2B1AAqCSiKQb2FqD9vAMv5nlDpEphgnNO3dWON%2FT5%2BJrH2evkz"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 879b70714c74924f-FRA expires Tue, 15 Apr 2025 04:02:44 GMT
GET H2	200	css2 fonts.googleapis.com/	33 KB 2 KB	77ms 30ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e23b9456a09929c5ff380d3f7c6c61c5a30da47c94fe52a9d96159126f4c0dec Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Apr 2024 04:02:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Apr 2024 04:02:44 GMT
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	60ms 28ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 27261 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eT56riQ8EYxzSONBWq4iV0luNZ%2FQaNpGADcOaIkLSazBIyBQqFLhVLYEpNWT5uXH3hASgOfM8w4hlrmjj7XhpndIX8YnWbLancfWFtsr50tT7xAGdAgxgBQwI6xxLq%2FtZ7VIcv7FaeU0n4a0YbcFRI%2Fl"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 879b70714c75924f-FRA expires Tue, 15 Apr 2025 04:02:44 GMT
GET H2	200	style.css nytimetv.grooveblog.com/css/	15 KB 4 KB	33ms 31ms	Stylesheet text/css	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/css/style.css?v=17 Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a2f2dd8cda40f0844707f24233f7e7a7a2c84fac13be91d3cb5467c95b1945e7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/?v=11 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 25 Apr 2024 00:34:07 GMT server cloudflare age 1041 etag W/"6629a4ff-3d69" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 879b70711e7b9731-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	jwt-decode.js Show response nytimetv.grooveblog.com/js/	4 KB 2 KB	29ms 28ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/js/jwt-decode.js Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b190768a27312ddecca5f1f2e2ef9c55a79457391e493fc514d4ce17ebd3b224 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/?v=11 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 25 Apr 2024 00:34:07 GMT server cloudflare age 2023 etag W/"6629a4ff-e68" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b70711e7e9731-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzL2FiNTE4OWUzLTU0ZTktNGUwMC04NDhhLWJiZDRkOWYyMWMyOC8xNzEzODM5NDE4X0ltYWdlbmRlV2hhdHNBcHAyMDI0MDQyMmFsYXMyMjI4MTBjZjQ3NTgyZS5qcGc.webp images.groovetech.io/sap7mvuHXnMxb1nYRYqU_8U2fwv2jnU6NZIK3OCiU8M/rs:fit:0:0:0/g:no:0:0/c:0:0/	20 KB 21 KB	178ms 27ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/sap7mvuHXnMxb1nYRYqU_8U2fwv2jnU6NZIK3OCiU8M/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzL2FiNTE4OWUzLTU0ZTktNGUwMC04NDhhLWJiZDRkOWYyMWMyOC8xNzEzODM5NDE4X0ltYWdlbmRlV2hhdHNBcHAyMDI0MDQyMmFsYXMyMjI4MTBjZjQ3NTgyZS5qcGc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 248585ed4c767944cf162ecfa5f7706bdae0f65fc87682a362ab61be6cb86d27 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 35334 content-disposition inline; filename="1713839418_ImagendeWhatsApp20240422alas222810cf47582e.webp" alt-svc h3=":443"; ma=86400 content-length 20772 x-request-id c79d43602d328a37286b116c6160564f last-modified Wed, 24 Apr 2024 18:13:50 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOsZKVvFwotzzJp82WcJQzAkIdaK0Ex7fwsv%2BCU0ktqQGhJ5tAVMkK4DMKCtRpLYKtK6vXKU8pxcCpK6VPP8pD3kg4WQPtJ2nIU3PYTrhQwCuAQOghAQIoGBjG62x0qSfRFoamfnoi2MtrmA7GSYhJF9uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70720f213718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/	28 KB 28 KB	181ms 30ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93ae5132802370bcbb24e29ff7fbf93662b7c2ba159e22c13d41ae1e5679ead4 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171815_main-banner.webp" alt-svc h3=":443"; ma=86400 content-length 28350 x-request-id bb2311d71587025753e8ab0c59cc2bea last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtMWRVAj6JTXexq2aXWjG7rYEcTjibipDkLeNmKwk%2BvV%2F3H7Yxj3VfhSobTWwtUa7fLkhJAtCgoWXsjd7JHaUdFvo%2FimP4n%2Fi0n0YM%2FYRwhKwoWTgZasGylYoTYK%2BWYn20K0Ixw19I20ApO5Es0JTwWO5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70720f1d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/	11 KB 11 KB	30ms 27ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3643ccb6ab78a00850c938303db61ff4d2d572c243863a1c961cc9ebc0a12bf Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171151_blog-2.webp" alt-svc h3=":443"; ma=86400 content-length 11252 x-request-id 448124e1d95789c779a1f22b96cf0527 last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvDJ%2BmbeMvtNSW7yfpkm9V4mPPFV4XVhqR0umdsV9r8PiVGTGpDOYVxOGthYxw6s31DJ8t%2FtlOSShAAbSlhIkd3n0NmQ55evAmFPcj8CAYMUTTVWiLsPeR%2FuaQFfrN0lX2iRrzLIixPbsxihjGhjUxLPoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/	4 KB 5 KB	27ms 27ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a30832f997fb8367a2dd9944e922b04b2c4319e9ee54675948af56ccd05d65 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171521_blog-4.webp" alt-svc h3=":443"; ma=86400 content-length 4542 x-request-id eca9ac502b0d2b8bda203ad42b3d5f6a last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXxHi5ci6mi5xaUTLjy18FdYoga3WNXCye2qvpl6C753E2lk%2BWrKM7sPk%2BS79iAOJE4keaJTh5%2Boe2wC8gZsqxYGSOI074mm%2FN3eHkwFjZKzUdyEyIkx4v%2FoX0U%2FPasv%2FSRMvspjYTHDBaaVGkeOOfMUaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3e3718-FRA
GET H3	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/	12 KB 12 KB	28ms 27ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bea125390c9a457da600dc62b14fe805007c83b5d97080b763dc43007818ddb Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 151218 content-disposition inline; filename="1680171442_blog-3.webp" alt-svc h3=":443"; ma=86400 content-length 12062 x-request-id e0871a66eacf2296c231f68bceccb8b5 last-modified Tue, 23 Apr 2024 10:02:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6pw1OMpjbaRx6oi4UVm%2Fesq0x%2FjrSP2yV3QJjpF4lJdeIaTUbdJmK9q2Hyxx3jGMD4pxdwB4OGiZrBjpcOkHJRXkBXw3Kj9HPWidpVu3ocfmoltCxVrkS4Rz%2BjlcteYB9ss6n6vWMi8Q2gwhCwuWntTSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70729aefbb7f-FRA
GET H2	200	1629792791_blog-1.png assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/	86 KB 87 KB	352ms 29ms	Image image/webp	2606:4700::6812:14b4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/1629792791_blog-1.png Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07f246bab9f2d6dc06aec29f59aebfca877000796fe2b835e2ca8aecf5976679 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT cf-cache-status HIT age 1604 cf-polished origFmt=png, origSize=136430 x-guploader-uploadid ABPtcPr-_liLaGmUluecXipe618gJsLAOK7Dh6WJhglFZZHqLuWBz9PEYyuvWf0yZOWLh6oGvdNbQnsR2Q x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename="1629792791_blog-1.webp" content-length 88092 cf-bgj imgq:85,h2pri last-modified Tue, 24 Aug 2021 08:13:11 GMT server cloudflare etag "27a867fda226365c2dd513c64d8b82f3" vary Accept x-goog-generation 1629792791630363 content-type image/webp access-control-allow-origin * x-goog-hash crc32c=D9AttQ==, md5=J6hn/aImNlwt1RPGTYuC8w== access-control-expose-headers Content-Type cache-control public, max-age=14400 x-goog-stored-content-length 136430 accept-ranges bytes cf-ray 879b7074da4a37de-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	app.js Show response app.groove.cm/groovemail/embed/	3 MB 301 KB	378ms 302ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.groove.cm/groovemail/embed/app.js Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5762e30e0d600cb7d74ebe6e2c2f9b589452cd23e9bba23af5de31ff5fd435a5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 17 Jan 2024 23:37:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65a864b4-3028e1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYSrvMDrxrHk0QIvPwkG7FNT86cmJ8FvCpLCYkkPNdMO1s%2FQe16mNMUTycxfwCsqICeJJXC26cjyV%2FAAO9dkr%2FhUoCvxsAzIqCwtNAI8qvQP4zB4dNPlS3eD4707yWN25l5jIqogqybmF436"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 879b7073793271df-FRA alt-svc h3=":443"; ma=86400
GET H2	200	slider.js Show response nytimetv.grooveblog.com/js/	2 KB 738 B	29ms 29ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/js/slider.js?v=17 Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8b2547651262d89b1414149e4f5b29b69df13c7b747e04fea52fe762568ca7c6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/?v=11 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 25 Apr 2024 00:34:07 GMT server cloudflare age 2023 etag W/"6629a4ff-7ae" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b70726f789731-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	loadmore.js Show response nytimetv.grooveblog.com/js/	1 KB 536 B	28ms 28ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/js/loadmore.js?v=17 Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b45a9df3f79bb36620441d2eb4f8ab2bb37f7bb91e6b78f6280514d8ce6fd342 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/?v=11 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status HIT last-modified Thu, 25 Apr 2024 00:34:07 GMT server cloudflare age 2023 etag W/"6629a4ff-47a" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b70726f7a9731-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 637 B	27ms 26ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Nunito&display=swap Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/css/style.css?v=17 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a98b3ab1d1fcf2cd367adf92734fa75730d939ac1a65f48700d5a3b8ee3e9395 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Apr 2024 02:18:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Apr 2024 04:02:44 GMT
GET H3	200	/ whos.amung.us/pingjs/	34 B 34 B	180ms 137ms	Image text/javascript	2606:4700:10::6816:4aab CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://whos.amung.us/pingjs/?k=onlyithenewf&t=La%20Central&c=s&x=https://twitter.com/&y=https://twitter.com/&a=-1&d=0&v=27&r=1926 Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:4aab , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare cf-ray 879b70733e884d85-FRA alt-svc h3=":443"; ma=86400 content-type text/javascript;charset=UTF-8
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzL2FiNTE4OWUzLTU0ZTktNGUwMC04NDhhLWJiZDRkOWYyMWMyOC8xNzEzODM5NDE4X0ltYWdlbmRlV2hhdHNBcHAyMDI0MDQyMmFsYXMyMjI4MTBjZjQ3NTgyZS5qcGc.webp images.groovetech.io/sap7mvuHXnMxb1nYRYqU_8U2fwv2jnU6NZIK3OCiU8M/rs:fit:0:0:0/g:no:0:0/c:0:0/	20 KB 0	0ms 0ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/sap7mvuHXnMxb1nYRYqU_8U2fwv2jnU6NZIK3OCiU8M/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzL2FiNTE4OWUzLTU0ZTktNGUwMC04NDhhLWJiZDRkOWYyMWMyOC8xNzEzODM5NDE4X0ltYWdlbmRlV2hhdHNBcHAyMDI0MDQyMmFsYXMyMjI4MTBjZjQ3NTgyZS5qcGc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 248585ed4c767944cf162ecfa5f7706bdae0f65fc87682a362ab61be6cb86d27 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 35334 content-disposition inline; filename="1713839418_ImagendeWhatsApp20240422alas222810cf47582e.webp" alt-svc h3=":443"; ma=86400 content-length 20772 x-request-id c79d43602d328a37286b116c6160564f last-modified Wed, 24 Apr 2024 18:13:50 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOsZKVvFwotzzJp82WcJQzAkIdaK0Ex7fwsv%2BCU0ktqQGhJ5tAVMkK4DMKCtRpLYKtK6vXKU8pxcCpK6VPP8pD3kg4WQPtJ2nIU3PYTrhQwCuAQOghAQIoGBjG62x0qSfRFoamfnoi2MtrmA7GSYhJF9uw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70720f213718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/	28 KB 0	2ms 2ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93ae5132802370bcbb24e29ff7fbf93662b7c2ba159e22c13d41ae1e5679ead4 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171815_main-banner.webp" alt-svc h3=":443"; ma=86400 content-length 28350 x-request-id bb2311d71587025753e8ab0c59cc2bea last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtMWRVAj6JTXexq2aXWjG7rYEcTjibipDkLeNmKwk%2BvV%2F3H7Yxj3VfhSobTWwtUa7fLkhJAtCgoWXsjd7JHaUdFvo%2FimP4n%2Fi0n0YM%2FYRwhKwoWTgZasGylYoTYK%2BWYn20K0Ixw19I20ApO5Es0JTwWO5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70720f1d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/	11 KB 0	2ms 2ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3643ccb6ab78a00850c938303db61ff4d2d572c243863a1c961cc9ebc0a12bf Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171151_blog-2.webp" alt-svc h3=":443"; ma=86400 content-length 11252 x-request-id 448124e1d95789c779a1f22b96cf0527 last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvDJ%2BmbeMvtNSW7yfpkm9V4mPPFV4XVhqR0umdsV9r8PiVGTGpDOYVxOGthYxw6s31DJ8t%2FtlOSShAAbSlhIkd3n0NmQ55evAmFPcj8CAYMUTTVWiLsPeR%2FuaQFfrN0lX2iRrzLIixPbsxihjGhjUxLPoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/	4 KB 0	3ms 3ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a30832f997fb8367a2dd9944e922b04b2c4319e9ee54675948af56ccd05d65 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171521_blog-4.webp" alt-svc h3=":443"; ma=86400 content-length 4542 x-request-id eca9ac502b0d2b8bda203ad42b3d5f6a last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXxHi5ci6mi5xaUTLjy18FdYoga3WNXCye2qvpl6C753E2lk%2BWrKM7sPk%2BS79iAOJE4keaJTh5%2Boe2wC8gZsqxYGSOI074mm%2FN3eHkwFjZKzUdyEyIkx4v%2FoX0U%2FPasv%2FSRMvspjYTHDBaaVGkeOOfMUaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3e3718-FRA
GET H3	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/	12 KB 0	4ms 4ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bea125390c9a457da600dc62b14fe805007c83b5d97080b763dc43007818ddb Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 151218 content-disposition inline; filename="1680171442_blog-3.webp" alt-svc h3=":443"; ma=86400 content-length 12062 x-request-id e0871a66eacf2296c231f68bceccb8b5 last-modified Tue, 23 Apr 2024 10:02:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6pw1OMpjbaRx6oi4UVm%2Fesq0x%2FjrSP2yV3QJjpF4lJdeIaTUbdJmK9q2Hyxx3jGMD4pxdwB4OGiZrBjpcOkHJRXkBXw3Kj9HPWidpVu3ocfmoltCxVrkS4Rz%2BjlcteYB9ss6n6vWMi8Q2gwhCwuWntTSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70729aefbb7f-FRA
GET H2	200	1629792791_blog-1.png assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/	86 KB 0	328ms 328ms	Image image/webp	2606:4700::6812:14b4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/1629792791_blog-1.png Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07f246bab9f2d6dc06aec29f59aebfca877000796fe2b835e2ca8aecf5976679 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT cf-cache-status HIT age 1604 cf-polished origFmt=png, origSize=136430 x-guploader-uploadid ABPtcPr-_liLaGmUluecXipe618gJsLAOK7Dh6WJhglFZZHqLuWBz9PEYyuvWf0yZOWLh6oGvdNbQnsR2Q x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename="1629792791_blog-1.webp" content-length 88092 cf-bgj imgq:85,h2pri last-modified Tue, 24 Aug 2021 08:13:11 GMT server cloudflare etag "27a867fda226365c2dd513c64d8b82f3" vary Accept x-goog-generation 1629792791630363 content-type image/webp access-control-allow-origin * x-goog-hash crc32c=D9AttQ==, md5=J6hn/aImNlwt1RPGTYuC8w== access-control-expose-headers Content-Type cache-control public, max-age=14400 x-goog-stored-content-length 136430 accept-ranges bytes cf-ray 879b7074da4a37de-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H3	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	70ms 34ms	Fetch text/css	2606:4700:3034::6815:1adf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=e7647a48d4 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e7647a48d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT via 1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 7869 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rijxvgIyGa4FbZJJGbPazayRvQveknLPfDawuBC6hFdbOVxzRVpHLaZriOTcXT3wHtyP4SFjqcoZ6pUou%2BYM8Zl9832kEDWUI4U0%2BC49ee48PyEJZ78XokYJAHEoY4wVO5xl68lJlZWHbrrGWN51lz0hTQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 879b70734a6418e2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id LJKqFeTOR8npbx44S8nO5C5MmBIPwXAr1-gS_IfYHc8USTmKaONYtg==
GET H3	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 5 KB	89ms 53ms	Fetch text/css	2606:4700:3034::6815:1adf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=e7647a48d4 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e7647a48d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT via 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 7869 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IEnkSBDL7xL6NWgNHa7uCLVjN8ow3U0WdKQX0Pj1NNhoM0ZluxZo5PAFhP0O8A%2Fkvh6pk8JZaykNDFKhDBPmhvRCOqfhS5755DhaCe%2FSsLQ4nNyPXbpORgq3bT%2Bmn0Vk8hPqZ%2BKbIAvllAM8eH85UmBrhw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 879b70734a6718e2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id xElUuPcy9_6yDir1pFQ6o5TXGuFQX-PAabtW7XXgx8C9oA3N9vHJHw==
GET H3	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 1 KB	68ms 33ms	Fetch text/css	2606:4700:3034::6815:1adf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=e7647a48d4 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/e7647a48d4.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:1adf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT via 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 7869 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRT%2B305H9Y2811DG4Fa2jRwb8Tm1v0QYhHACs7KfnHYcCMmrSqSUY5AwYgDGT1851dXKPKc0CLqsuVjvKiGfGBtAdsCpX2AaxzQtlBKvT%2FgoMk4bffBRttfY8cnFaMZ9PcD4%2BhFm7j9VXAnRcakBlFaRjw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 879b70734a6518e2-FRA access-control-allow-headers fa-kit-token x-amz-cf-id 0ttb_AMbOo78g3L-fSm1CpdA2HT0g3tziJwFk8QYE6ZxGC-zi6RaVw==
GET H2	404	favicon.ico nytimetv.grooveblog.com/	2 KB 1 KB	219ms 218ms	Other text/html	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://nytimetv.grooveblog.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75a1db019d9cdb2ff660bf72ed4bfbb7c50b8755780a0f05e474c403fac35640 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://nytimetv.grooveblog.com/?v=11 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status EXPIRED server cloudflare vary Accept-Encoding content-type text/html cache-control public, max-age=14400 cf-ray 879b70762a1c9731-FRA expires Thu, 25 Apr 2024 08:02:45 GMT
GET H2	200	/ Show response usanewsnews.grooveblog.com/	25 KB 5 KB	223ms 213ms	Document text/html	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usanewsnews.grooveblog.com/?v=3 Requested by Host: nytimetv.grooveblog.com URL: https://nytimetv.grooveblog.com/?v=11 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1fbbb56f4f15eae0ce67f1010a57f09f899565d30db8767bb0f05c7f2855e239 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://nytimetv.grooveblog.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cf-cache-status DYNAMIC cf-ray 879b7079ecaa9731-FRA content-encoding gzip content-type text/html date Thu, 25 Apr 2024 04:02:45 GMT last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare
GET H/1.1	200 OK	index.php 2fu.us/	119 B 464 B	218ms 49ms	Script application/javascript	91.148.141.242 DAINTERNATIONALGROUP
General Check archive.org Show headers Download Go to Full URL https://2fu.us/index.php?username=eldemo4&counter=tigaga1 Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 91.148.141.242 Sofia, Bulgaria, ASN203380 (DAINTERNATIONALGROUP, BG), Reverse DNS e-relab.mobi Software nginx/1.20.1 / PHP/8.0.30 Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Pragma no-cache Date Thu, 25 Apr 2024 04:02:45 GMT Server nginx/1.20.1 X-Powered-By PHP/8.0.30 Transfer-Encoding chunked Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 Connection keep-alive
GET H2	200	e7647a48d4.js Show response kit.fontawesome.com/	12 KB 4 KB	36ms 31ms	Script text/javascript	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/e7647a48d4.js Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e2aad277b5ddbcbbb152a9c10767f5c2aca0cc3376139e6f767823a0206c23f2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Origin https://usanewsnews.grooveblog.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status HIT server cloudflare age 21 vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 879b707b588d694b-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F8kCzDfX-uKCLhgxx6OC
GET H3	200	tailwind.min.css cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/	2 MB 0	1ms 1ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/tailwindcss/1.9.6/tailwind.min.css Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1ad2f9d383ef7e0adb2760405b4a8518ae632f1e7efdd2963bec491c44e2f69 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3661785 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 46782 last-modified Fri, 23 Oct 2020 19:32:33 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5f932fd1-1e0602" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fgu%2FxCklSi0vWRnr7avq7RVnfWC1iCgene3urqpUDLkxFALepyhpevVMxH9R7McbBkqBQ7nGuNr%2BErLRrrtnai79o8gYhzWDdmTraud%2B1AAqCSiKQb2FqD9vAMv5nlDpEphgnNO3dWON%2FT5%2BJrH2evkz"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 879b70714c74924f-FRA expires Tue, 15 Apr 2025 04:02:44 GMT
GET H2	200	css2 fonts.googleapis.com/	33 KB 0	2ms 2ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Merriweather:wght@400;700;900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e23b9456a09929c5ff380d3f7c6c61c5a30da47c94fe52a9d96159126f4c0dec Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Apr 2024 04:02:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Apr 2024 04:02:44 GMT
GET H3	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 0	3ms 3ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 27261 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eT56riQ8EYxzSONBWq4iV0luNZ%2FQaNpGADcOaIkLSazBIyBQqFLhVLYEpNWT5uXH3hASgOfM8w4hlrmjj7XhpndIX8YnWbLancfWFtsr50tT7xAGdAgxgBQwI6xxLq%2FtZ7VIcv7FaeU0n4a0YbcFRI%2Fl"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 879b70714c75924f-FRA expires Tue, 15 Apr 2025 04:02:44 GMT
GET H2	200	style.css usanewsnews.grooveblog.com/css/	15 KB 3 KB	230ms 225ms	Stylesheet text/css	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usanewsnews.grooveblog.com/css/style.css?v=4 Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/?v=3 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare etag W/"66281811-3d69" vary Accept-Encoding content-type text/css cache-control public, max-age=14400 cf-ray 879b707b5d919731-FRA expires Thu, 25 Apr 2024 08:02:45 GMT
GET H2	200	jwt-decode.js usanewsnews.grooveblog.com/js/	4 KB 1 KB	223ms 218ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usanewsnews.grooveblog.com/js/jwt-decode.js Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/?v=3 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare etag W/"66281811-e68" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b707b5d929731-FRA expires Thu, 25 Apr 2024 08:02:45 GMT
GET H2	200	logo.png usanewsnews.grooveblog.com/images/	1 KB 1 KB	239ms 234ms	Image image/png	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://usanewsnews.grooveblog.com/images/logo.png Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/?v=3 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT cf-cache-status REVALIDATED last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare etag "66281811-590" vary Accept-Encoding content-type image/png cache-control public, max-age=14400 accept-ranges bytes cf-ray 879b707b5d939731-FRA content-length 1424 expires Thu, 25 Apr 2024 08:02:45 GMT
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/	28 KB 0	4ms 4ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/D78qybNmGNO1Ee1dqi4ZINxcrRvoNp3UOvrur-MavDc/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxODE1X21haW4tYmFubmVyLnBuZw.webp Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93ae5132802370bcbb24e29ff7fbf93662b7c2ba159e22c13d41ae1e5679ead4 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171815_main-banner.webp" alt-svc h3=":443"; ma=86400 content-length 28350 x-request-id bb2311d71587025753e8ab0c59cc2bea last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TtMWRVAj6JTXexq2aXWjG7rYEcTjibipDkLeNmKwk%2BvV%2F3H7Yxj3VfhSobTWwtUa7fLkhJAtCgoWXsjd7JHaUdFvo%2FimP4n%2Fi0n0YM%2FYRwhKwoWTgZasGylYoTYK%2BWYn20K0Ixw19I20ApO5Es0JTwWO5A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70720f1d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/	11 KB 0	0ms 0ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/IaC_JPWCA7kU5deeLjyHkVlqK0ltmc5C6fvMt-cQihA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxMTUxX2Jsb2ctMi5wbmc.webp Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3643ccb6ab78a00850c938303db61ff4d2d572c243863a1c961cc9ebc0a12bf Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171151_blog-2.webp" alt-svc h3=":443"; ma=86400 content-length 11252 x-request-id 448124e1d95789c779a1f22b96cf0527 last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvDJ%2BmbeMvtNSW7yfpkm9V4mPPFV4XVhqR0umdsV9r8PiVGTGpDOYVxOGthYxw6s31DJ8t%2FtlOSShAAbSlhIkd3n0NmQ55evAmFPcj8CAYMUTTVWiLsPeR%2FuaQFfrN0lX2iRrzLIixPbsxihjGhjUxLPoQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3d3718-FRA
GET H2	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/	4 KB 0	2ms 2ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/xTi9q3sNGOeoYy77_PSnwE8Dt0Eprn4uB_h7nOZwW80/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNTIxX2Jsb2ctNC5wbmc.webp Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a30832f997fb8367a2dd9944e922b04b2c4319e9ee54675948af56ccd05d65 Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152855 content-disposition inline; filename="1680171521_blog-4.webp" alt-svc h3=":443"; ma=86400 content-length 4542 x-request-id eca9ac502b0d2b8bda203ad42b3d5f6a last-modified Tue, 23 Apr 2024 09:35:09 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YXxHi5ci6mi5xaUTLjy18FdYoga3WNXCye2qvpl6C753E2lk%2BWrKM7sPk%2BS79iAOJE4keaJTh5%2Boe2wC8gZsqxYGSOI074mm%2FN3eHkwFjZKzUdyEyIkx4v%2FoX0U%2FPasv%2FSRMvspjYTHDBaaVGkeOOfMUaA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70723f3e3718-FRA
GET H3	200	aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/	12 KB 0	3ms 3ms	Image image/webp	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://images.groovetech.io/kSseqhnEjTfEqvWjXgmUjcRF1M6lDvurxQBT2THUpIA/rs:fit:0:0:0/g:no:0:0/c:0:0/aHR0cHM6Ly9hc3NldHMuZ3Jvb3ZlYXBwcy5jb20vaW1hZ2VzLzVmMGQ1ZDRhNmNhMWJkMDAxNmM1MTQyZi8xNjgwMTcxNDQyX2Jsb2ctMy5wbmc.webp Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1bea125390c9a457da600dc62b14fe805007c83b5d97080b763dc43007818ddb Security Headers Name Value Content-Security-Policy script-src 'none' Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-security-policy script-src 'none' cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 151218 content-disposition inline; filename="1680171442_blog-3.webp" alt-svc h3=":443"; ma=86400 content-length 12062 x-request-id e0871a66eacf2296c231f68bceccb8b5 last-modified Tue, 23 Apr 2024 10:02:26 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f6pw1OMpjbaRx6oi4UVm%2Fesq0x%2FjrSP2yV3QJjpF4lJdeIaTUbdJmK9q2Hyxx3jGMD4pxdwB4OGiZrBjpcOkHJRXkBXw3Kj9HPWidpVu3ocfmoltCxVrkS4Rz%2BjlcteYB9ss6n6vWMi8Q2gwhCwuWntTSg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=31536000 accept-ranges bytes cf-ray 879b70729aefbb7f-FRA
GET H2	200	1629792791_blog-1.png assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/	86 KB 0	3ms 3ms	Image image/webp	2606:4700::6812:14b4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.grooveapps.com/images/39def2de-bb20-4ac0-a39e-3abec740a811/1629792791_blog-1.png Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14b4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07f246bab9f2d6dc06aec29f59aebfca877000796fe2b835e2ca8aecf5976679 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT cf-cache-status HIT age 1604 cf-polished origFmt=png, origSize=136430 x-guploader-uploadid ABPtcPr-_liLaGmUluecXipe618gJsLAOK7Dh6WJhglFZZHqLuWBz9PEYyuvWf0yZOWLh6oGvdNbQnsR2Q x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename="1629792791_blog-1.webp" content-length 88092 cf-bgj imgq:85,h2pri last-modified Tue, 24 Aug 2021 08:13:11 GMT server cloudflare etag "27a867fda226365c2dd513c64d8b82f3" vary Accept x-goog-generation 1629792791630363 content-type image/webp access-control-allow-origin * x-goog-hash crc32c=D9AttQ==, md5=J6hn/aImNlwt1RPGTYuC8w== access-control-expose-headers Content-Type cache-control public, max-age=14400 x-goog-stored-content-length 136430 accept-ranges bytes cf-ray 879b7074da4a37de-FRA expires Thu, 25 Apr 2024 08:02:44 GMT
GET H2	200	app.js Show response app.groove.cm/groovemail/embed/	3 MB 0	0ms 0ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.groove.cm/groovemail/embed/app.js Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5762e30e0d600cb7d74ebe6e2c2f9b589452cd23e9bba23af5de31ff5fd435a5 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding br cf-cache-status REVALIDATED last-modified Wed, 17 Jan 2024 23:37:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"65a864b4-3028e1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yYSrvMDrxrHk0QIvPwkG7FNT86cmJ8FvCpLCYkkPNdMO1s%2FQe16mNMUTycxfwCsqICeJJXC26cjyV%2FAAO9dkr%2FhUoCvxsAzIqCwtNAI8qvQP4zB4dNPlS3eD4707yWN25l5jIqogqybmF436"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 879b7073793271df-FRA alt-svc h3=":443"; ma=86400
GET H2	200	slider.js usanewsnews.grooveblog.com/js/	2 KB 737 B	224ms 222ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usanewsnews.grooveblog.com/js/slider.js?v=4 Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/?v=3 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare etag W/"66281811-7ae" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b707bdde29731-FRA expires Thu, 25 Apr 2024 08:02:45 GMT
GET H2	200	loadmore.js usanewsnews.grooveblog.com/js/	1 KB 535 B	218ms 216ms	Script application/x-javascript	2606:4700::6812:e03 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://usanewsnews.grooveblog.com/js/loadmore.js?v=4 Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/?v=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:e03 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/?v=3 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:45 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Tue, 23 Apr 2024 20:20:33 GMT server cloudflare etag W/"66281811-47a" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=14400 cf-ray 879b707bdde49731-FRA expires Thu, 25 Apr 2024 08:02:45 GMT
GET H3	200	next.php buzzonclick.com/jump/ Redirect Chain https://cchcontent.com/?k=b21e7b98c4c12f728e1018bbb1c93f22&type=mainstream&subtype=global&data1=PC https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966	8 KB 4 KB	241ms 205ms	Document text/html	2606:4700:3030::ac43:a49b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966 Requested by Host: 2fu.us URL: https://2fu.us/index.php?username=eldemo4&counter=tigaga1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3030::ac43:a49b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://usanewsnews.grooveblog.com/?v=3 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers Content-Type access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 879b707fdbf11905-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 04:02:46 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8U3QC75RoYkSJuV14JuPd4BfpI7m8j0ZICecoLdFHsBk4WqA1HQQ1FiKIk5XOprxStBDx87zTzTyhMoVnhKaGpC6JSU2KY%2F1i%2FRuLxrwCuL7t%2FGR9xubg7seclquIbldBVfQqYxgLwOykFPKkKI%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html; charset=UTF-8 Date Thu, 25 Apr 2024 04:02:46 GMT Location https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966 Server nginx/1.16.1 (Ubuntu)
GET H2	200	css2 fonts.googleapis.com/	2 KB 0	0ms 0ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Nunito&display=swap Requested by Host: usanewsnews.grooveblog.com URL: https://usanewsnews.grooveblog.com/css/style.css?v=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://usanewsnews.grooveblog.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Apr 2024 02:18:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Apr 2024 04:02:44 GMT
GET H3	200	Primary Request / Show response distrib.addon-continue.com/ Redirect Chain https://buzzonclick.com/jump/next.php?stamat=m%257CfzYjejNjaQdHkAH0dEdHP3xP.8a0%252C7H0PozvLiGV-YkDx825CHkjWOAjQrPDojABVqIMJIHOXo-5r07hM-iQ6Bco_kQuk2WwJoNC7jlab4WkoJS1-e-ssUkqLSZIoHjuE2rgv0YNT2Ajl2... https://buzzonclick.com/script/i.php?t=1&c=23735514&stamat=m%257C%252C%252CgjPqd3IyoGU3BZ-GH0dEdHP3xP.32b%252CwPjbJlkCZg8i3R-NrS2KTvROexIimEaI5E5nYrlZQo3rEpJzFmoe21gEN2f_l5n3vsqxqPkpvuupjdUsf-_50R2... https://tracking.trackingshub.com/click?pid=6&offer_id=2435274&sub1=171401776610000TDETV62001R1b60R1010R2R1011R8bb6Rc7cbRaed16V86277&sub2=5660982-4035621963-0 https://excellingvista.com/click?key=x0nnnbi4dcpu0z79pqlh&externalid=6629d5e7f1e763000139c393&source=6_5660982-4035621963-0 https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96...	5 KB 3 KB	77ms 36ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Requested by Host: buzzonclick.com URL: https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 4543bea8d23b57490256504012be67285d207a0927036a2fb77a3dc3e6d734a0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://buzzonclick.com/jump/next.php?r=5660982&pub_clickid=17049203c60ec2e6236509f3c878979f&sub1=15966 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, max-age=0, must-revalidate cf-cache-status DYNAMIC cf-ray 879b70856e8865de-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 25 Apr 2024 04:02:47 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9BvuIDGssXCxteEQ9WBvHQlMZ1xf%2FpdGjYaq5uum%2FPJx%2FR8tORHH1LPNyoN78oUclV5ehfGnShbw5bGUPK6NaGVhXsg6IA28aOVJ61EiFYpC8Z%2BfdmAwueQrlb18oHvihaZJE9ZELeUZQcKmIFPSeLWo0PsXLRuWA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding x-content-type-options nosniff x-frame-options DENY x-powered-by Next.js Redirect headers content-length 0 date Thu, 25 Apr 2024 04:02:47 GMT location https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true server Caddy x-request-id c289ffc2-9012-452e-bce9-64b6b97dadf9
GET H2	200	js Show response www.googletagmanager.com/gtag/	254 KB 89 KB	86ms 35ms	Script application/javascript	2a00:1450:4001:81d::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5593b2ca7d072025e3f9af05b03c553a66a5e44667155bf4645f89b1a93b0e45 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91254 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 25 Apr 2024 04:02:47 GMT
GET H3	200	9d92a176c9608aa4.css distrib.addon-continue.com/_next/static/css/	102 B 633 B	28ms 28ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/css/9d92a176c9608aa4.css Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b5d584b6200dfb2ea17d372ceb88c61ee68bf6e7ae5cabed28d31952b048a10 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1091560 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Thu, 11 Apr 2024 22:48:31 GMT server cloudflare etag W/"66-18ecf592a84" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JRKAdeq%2FJQwQclYQHQrnnaBH8dXT77MW7FaIsE%2BL2a64y1CawcK6JNcbkdAIuVJKaw5beUh1VkBsaVq7w2WMNCSK81hC1CF9x91FLDxHK2BhGxVBcWwW%2FIUXxUGc2doDl87ozYCMtbaJ0xn8KgGZbmWrwvUp2H0DwQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085beaf65de-FRA
GET H3	200	0e437931d7fe52cf.css distrib.addon-continue.com/_next/static/css/	53 KB 28 KB	34ms 34ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/css/0e437931d7fe52cf.css Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ef1b5ea18218cbe2dbb060cec299564c60e4003d031aef1864c1ed26204e218 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"d529-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQdQt6HtBjSTWcfE30fzcCre9tmq6n2BCj1aS%2Bu906gFOE09yO441WmBe4xBVUemIRJydjzQAUonfURvnZi05nqXQ18zkITk9UU7LLGkYqtznwC%2FR9cBxixw%2BpC0HawTFj34QjC%2F4PgU9cxXMrAEobrH8BZdR%2F9O%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085beb065de-FRA
GET H3	200	2e9cbdf0c6e659e1.css distrib.addon-continue.com/_next/static/css/	3 KB 1 KB	30ms 29ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/css/2e9cbdf0c6e659e1.css Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d544ec36b753b5f443ad4cd107921547fc22b6e98ccd37aa27db5fcb2650ce48 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"c94-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type text/css; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndgMpC805z8YVj74%2FADJt3cXCDGHxMCdE4e0pI%2FJd6wETfw54UN%2BoPWKWyAfdbI8NGIZ5KzdGMyqaKoHQmTM0u3pw1HvHrTwY6hg3O43TTIkfbdcvvH5%2Br9%2BzQbVNkj3vSg%2FRYcx7UOLXFPztmEnO5HenJYEBbMpOQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085beb265de-FRA
GET H3	200	928-c2f21a8f08d3e689.js Show response distrib.addon-continue.com/_next/static/chunks/	113 KB 38 KB	45ms 44ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/928-c2f21a8f08d3e689.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a8f69e594f30374fe90fa9fef9294a0e83f8e482aad7b50d07fd13661f72c2e8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"1c567-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FqvBqkRdelXJsm914eq9rJu6n37%2BtQpOPNjXWYWw7lKXaKBPFAK8JO8BGclHvvOUiUSIpjy%2FKQUeRAiBX%2FM0j45qBLVRNrkp2bpA2QNsHHpe4pd%2BWrhOEl795B2KBwgJ5gqXCYxN4lYpaGCIsYX4H1wFiELZWDkIoQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cebf65de-FRA
GET H3	200	166.cc24d2f36cec7576.js Show response distrib.addon-continue.com/_next/static/chunks/	18 KB 8 KB	82ms 81ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/166.cc24d2f36cec7576.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c49e3ddcc4849b67f3d7dddabf1a2e6647ab6b7f004dd108d20a27210625118 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"49dd-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eUGoAsTvOtIPoinJu18McUc6gsvaD9ExU24Gzpik3tsJfYhHb%2Bi8Pweje9TnrkwhJa21CcphYAY7LF2wOD7y09%2FNxXNSaDuEO8urhtGom6wAoVqHsnadeJKwOX9y%2FdtOToFq9M2xsp6uAaXM9nlSbdHXFGBPwtzHTA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec065de-FRA
GET H3	200	983.decb053567d84af8.js Show response distrib.addon-continue.com/_next/static/chunks/	151 KB 37 KB	84ms 82ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/983.decb053567d84af8.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94e210b2942e864e90b36f77cf326e87ca5d2f7e07c416ecbdfcc0f763983022 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"25d78-18f124c33d1" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RJ7ZzqIt1bt7VEjoDLjfPD2cElvDvjoFMvLEBQJg7%2BK9v0zrfh17g8meQ2W5GS73jCHiHw9gYvV94D3%2FLjzz9inmke9nzXqoEt9P4OUMlrradASmk%2FFz%2F3MDqAdBQaSBJwQ8t5XMTqFSeQRcxJXt2FbHpB%2BSQdlaBQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec265de-FRA
GET H3	200	webpack-ed30c6944ce19d59.js Show response distrib.addon-continue.com/_next/static/chunks/	11 KB 6 KB	101ms 100ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/webpack-ed30c6944ce19d59.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash caba1062eda942a8db9e330065315ec71f6897ecbb79f9fc65fa44cb6d690ae0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"2b47-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m1k4n0YSuAQfoNuON9bZ8HN%2Ba11pxe7UO3l2fxWGtv1flQNnDyVTEl%2F%2B3EB8C78BQrxwwN2kbCWaVAdX52rAvryr%2F8oDq%2BE9TjTW1LobbI9Y%2FY18ZAii0IZpXA9TMcv9YUAYgkivBdswXFOkGgf7vP3PSwNnlNQkUA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec365de-FRA
GET H3	200	framework-2e7034d8726f1e32.js Show response distrib.addon-continue.com/_next/static/chunks/	291 KB 101 KB	102ms 101ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/framework-2e7034d8726f1e32.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7df95b1261ac41c2856e5026492361429f201f41254c2d85794a3843b1717ea3 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"48be7-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrlGhrtr%2Bay2CFnPLZVTCQnh8R%2F6W0LJtwmO1xFSVgC4D4ITzydoxU7piDjqjewWjZcJzCDGm1FCcG5vQSJwRrJt2FUiU9qwyiMK8qLqLmuxOiSZe45BNe30q0HMvDIR61BIHE7Dxp9SYjFeQM1MK0WNmysksy0FOw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec465de-FRA
GET H3	200	main-6fac612239331eef.js Show response distrib.addon-continue.com/_next/static/chunks/	158 KB 56 KB	121ms 121ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/main-6fac612239331eef.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe0cf109559e243305bb4171096ac40c87c3e8d6e63073c535012761ec62a10b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"27953-18f124c33d5" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZylG8oHDlfoPNMS5zmSPWt7CAGcmusveqGsmD1TX35MUpqF0W9b6Rgfjj9Lo3XDB31j56hG6V%2BF1qdbbFjQqEwmDE6RmaTWILC3%2FtI1j32Are8kc2X6XOSMUdbSsKkcKxvUwTqGAQvfUIxju1rF3s2Uv6Jn19z%2BEA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec565de-FRA
GET H3	200	_app-80c51da4c4f235c0.js Show response distrib.addon-continue.com/_next/static/chunks/pages/	80 KB 40 KB	123ms 122ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/pages/_app-80c51da4c4f235c0.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a68a59c3186c1203d44f36b8e2ea65d7b2cc8dd97d4653552c2dc3b3abc45627 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"13eee-18f124c33d1" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFfK03M5DENcI2To936g9xoxVcGri7B6eX2x0VN0nd7KslSrWJLZavjsJ0mKWsZ9lgE805zU7wzN4e6xxm114xziBO5dewEctj1en6oi%2BcEymn15dmv21P%2BZeUxN3UOUeYGVqclVAKCgcosewfZOKAUEHQOx7zhWxA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec665de-FRA
GET H3	200	index-f0f92df9fb8ce005.js Show response distrib.addon-continue.com/_next/static/chunks/pages/	21 KB 9 KB	128ms 128ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/chunks/pages/index-f0f92df9fb8ce005.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash adc488a2f76888f75fa68e9ddd4ed659e32626da4bf35aa49fa0c42e297a9ead Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"5514-18f124c33d1" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIkVrs1Utd2DP3OBTOqQzlQXZ8f1AE2UmeJixYFxKZlpdu%2F1kcpse2xt2Op6%2FintzEbuNDyXHZ5R9c%2FVvUgy1K%2BptcRktrv5QMdSAAET8sKxv8Clh9Yi5hXbM9afE1Kzw7yiD2R3GFgRytNC2Hkjom3iRVbkjhLUtw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec765de-FRA
GET H3	200	_buildManifest.js Show response distrib.addon-continue.com/_next/static/NnCdhEpMERvTSBDjk9y05/	1 KB 1 KB	129ms 128ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/NnCdhEpMERvTSBDjk9y05/_buildManifest.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 059b5e596dd86df0c6fb50ff98d90ae675e180680bc985e30d26620fd5fb9b91 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"407-18f124c33cd" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bybqJSN05znzOlHqMzC7Zr%2BV2IFCgkY3WzIDTy6%2B3iGuMFuAs2H%2FJEpGIyiryqLSb6R%2BmXhAt7oxOv5OLnVNKIgweXIU7dFYjkZ7n46ipVSt86ZkCkqjKfjQxQPLX1HrPxNi4QqrlrLl7IpTzpPMo2Uedc7VkzITxg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec865de-FRA
GET H3	200	_ssgManifest.js Show response distrib.addon-continue.com/_next/static/NnCdhEpMERvTSBDjk9y05/	77 B 613 B	130ms 129ms	Script application/javascript	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/_next/static/NnCdhEpMERvTSBDjk9y05/_ssgManifest.js Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 18747 content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:54 GMT server cloudflare etag W/"4d-18f124c33cd" vary Accept-Encoding x-frame-options DENY content-type application/javascript; charset=UTF-8 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DEqpmEgGq6j1oNt2OG0G0%2FJBaAtCMem4syIKuIQL4%2B8SCBOh772wh4lD1L2bUHRADzmID5fQKiGOEKR0qpNWy5HKL06ljQKs0I2oXD1yRhrY1VrNo432KhV0zXq1Ji37ewOb2FO7zbRvEll1O1uWCoK5CxU02LOCLQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=31536000, immutable cf-ray 879b7085cec965de-FRA
GET H3	200	icon.svg distrib.addon-continue.com/images/promo-images/salmon/	3 KB 2 KB	86ms 86ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://distrib.addon-continue.com/images/promo-images/salmon/icon.svg Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/_next/static/css/2e9cbdf0c6e659e1.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed9c06d28b4aab2e9425dd9e64248d3d5e5d8c2036129164d2e2e3a925fa3afa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/_next/static/css/2e9cbdf0c6e659e1.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:40 GMT server cloudflare etag W/"c75-18f124bfcb5" vary Accept-Encoding x-frame-options DENY content-type image/svg+xml report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zySm3BmmyfQIcKJgNkpsgLtWLEnzKEyHqXjrBmbYksPSTI6Y4V7np5pn2914BYvtdx33xaUEjt%2BG0tkxl%2F2z4QwGdmxzaFoUaiVFpkkfYsB1mh8T2zdjkUBVGM7M9ROGxKV8loh3qzRFWTzFO5qaolyDMcQlENehog%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=14400 cf-ray 879b70861ef965de-FRA
GET H3	200	available-in-chrome.svg distrib.addon-continue.com/images/browser-icons/	21 KB 8 KB	87ms 87ms	Image image/svg+xml	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://distrib.addon-continue.com/images/browser-icons/available-in-chrome.svg Requested by Host: distrib.addon-continue.com URL: https://distrib.addon-continue.com/_next/static/css/0e437931d7fe52cf.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 724121ec42efc03e19ee936460fb1270c3b90b3ebf1ff940191e0a32e4504caa Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/_next/static/css/0e437931d7fe52cf.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:40 GMT server cloudflare etag W/"5287-18f124bfc95" vary Accept-Encoding x-frame-options DENY content-type image/svg+xml report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ys%2BXSiJAV8Xmij%2BvLks03wOQwoVDWjOh3tulnPY%2B9F7mlqyabOwRDOo6Xj8QhlM5OOJeq%2BCSP%2BozXSvI%2FiDL4Vv8KYdlW5I21V3UXarzQXZJaxVSvyN859%2FObzEk3nuaUZMc6k1cANpOXTqkfoRpRsa5zP8tsU%2FZ4g%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=14400 cf-ray 879b70861efb65de-FRA
POST H2	204	collect region1.google-analytics.com/g/	0 261 B	71ms 26ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-D9B6K7HFTW&gtm=45je44o0v9138996702za200&_p=1714017767314&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=2097646325.1714017767&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714017767&sct=1&seg=0&dl=https%3A%2F%2Fdistrib.addon-continue.com%2F%3Fextension%3Dprimary_adb%26promo%3Dsalmon%26big%3Dnone%26clk_domain%3Dexcellingvista.com%26flow%3Dbinom%26campaignId%3D10659%26trafficsource%3D29%26src%3D6_5660982-4035621963-0%26cid%3Dcoktbpr2r96s73cdpkq0%26lpkey%3D17140895536478a4c8be14fa07ec1b30d04db18067%26isV2%3Dtrue&dt=Primary%20AdBlock&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=865 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-D9B6K7HFTW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 25 Apr 2024 04:02:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://distrib.addon-continue.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	favicon.ico distrib.addon-continue.com/images/extension-icons/primary-adblock/	15 KB 5 KB	34ms 33ms	Other image/x-icon	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://distrib.addon-continue.com/images/extension-icons/primary-adblock/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2dc86bcb63b4c5f30ab4a584acceca2f83aa7da547791e47e87e28f21f6675f4 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://distrib.addon-continue.com/?extension=primary_adb&promo=salmon&big=none&clk_domain=excellingvista.com&flow=binom&campaignId=10659&trafficsource=29&src=6_5660982-4035621963-0&cid=coktbpr2r96s73cdpkq0&lpkey=17140895536478a4c8be14fa07ec1b30d04db18067&isV2=true Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 04:02:47 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status REVALIDATED nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400 last-modified Wed, 24 Apr 2024 22:48:40 GMT server cloudflare etag W/"3c2e-18f124bfc9d" vary Accept-Encoding x-frame-options DENY content-type image/x-icon report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqRMGP9GKovfkLFqZ4BIKR6r2C8SFdsEKNmKbTxq97LQFL9mcydeCO%2FSlq2tkDVWQU9v74NBQG%2FGoFBv5rnOOk3C6pRiQVmrGyWTPjipINXWb22mD1eYVwfMQznl6U9HKSXgp%2Fd1rHIYyJSq6UgDGiqD8KF0f5c8rQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=14400 cf-ray 879b7086ff8465de-FRA
GET		click excellingvista.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

excellingvista.com

URL

https://excellingvista.com/click?upd_clickid=coktbpr2r96s73cdpkq0&add_event6=1