userhamrah.m317.sbs Open in urlscan Pro
156.255.1.213 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://userhamrah.m317.sbs/
Submission: On May 18 via automatic, source certstream-suspicious (May 18th 2023, 12:37:42 am UTC) — Scanned from NL

Summary HTTP 92 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 42 domains to perform 92 HTTP transactions. The main IP is 156.255.1.213, located in Amsterdam, Netherlands and belongs to Africa-on-Cloud-AS, ZA. The main domain is userhamrah.m317.sbs.
TLS certificate: Issued by R3 on May 17th 2023. Valid for: 3 months.

This is the only time userhamrah.m317.sbs was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	156.255.1.213 156.255.1.213	328608 (Africa-on...) (Africa-on-Cloud-AS)
1	23.56.201.9 23.56.201.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.24.73 108.138.24.73	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:88c::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.45.238.216 23.45.238.216	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
4	2606:4700:20:... 2606:4700:20::681a:897	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	18.66.147.109 18.66.147.109	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 2	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:b000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:f200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4 6	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4 4	65.9.66.36 65.9.66.36	16509 (AMAZON-02) (AMAZON-02)
2 5	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2 3	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.19.14.35 52.19.14.35	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.210.10.159 3.210.10.159	14618 (AMAZON-AES) (AMAZON-AES)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4264:ac2c:d4a2:4da7:d98e	14618 (AMAZON-AES) (AMAZON-AES)
1	3.77.86.163 3.77.86.163	16509 (AMAZON-02) (AMAZON-02)
1	54.76.219.151 54.76.219.151	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.210.204 3.124.210.204	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	3.210.244.29 3.210.244.29	14618 (AMAZON-AES) (AMAZON-AES)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
92	45

16 156.255.1.213 (Amsterdam, Netherlands)

ASN328608 (Africa-on-Cloud-AS, ZA)

userhamrah.m317.sbs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.201.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-201-9.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.24.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-73.fra56.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:88c::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-216.deploy.static.akamaitechnologies.com

a3747760300.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:897 (United States)

ASN13335 (CLOUDFLARENET, US)

blog.ucsusa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.myngp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-109.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

8188095.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 193.0.160.130 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20802620p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.36 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-36.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.116 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.14.35 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-14-35.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.10.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-10-159.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:ac2c:d4a2:4da7:d98e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.77.86.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-86-163.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.219.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-219-151.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.210.204 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-204.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.244.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-244-29.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	m317.sbs userhamrah.m317.sbs	1 MB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2230	21 KB
7	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 8188095.fls.doubleclick.net — Cisco Umbrella Rank: 751887 stats.g.doubleclick.net — Cisco Umbrella Rank: 76 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	4 KB
7	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 389	23 KB
6	rfihub.com 4 redirects 20802620p.rfihub.com — Cisco Umbrella Rank: 680627 p.rfihub.com — Cisco Umbrella Rank: 728 a.rfihub.com — Cisco Umbrella Rank: 2743	9 KB
5	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 375	880 B
4	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1677	3 KB
4	everyaction.com actions.everyaction.com — Cisco Umbrella Rank: 137242	4 KB
4	ucsusa.org blog.ucsusa.org — Cisco Umbrella Rank: 455829	113 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
3	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 745 a3747760300.cdn.optimizely.com — Cisco Umbrella Rank: 695185 logx.optimizely.com — Cisco Umbrella Rank: 1273	86 KB
3	cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	263 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 606	617 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 290	919 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 694	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	2 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 200	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	217 B
2	google.nl www.google.nl — Cisco Umbrella Rank: 9529 adservice.google.nl — Cisco Umbrella Rank: 15742	973 B
2	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 558	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 970 pixel.quantserve.com — Cisco Umbrella Rank: 790	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 157	114 KB
2	myngp.com api.myngp.com — Cisco Umbrella Rank: 677264	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	160 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 239	528 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 601	339 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 493	378 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1013	176 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1269	193 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1486	110 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 599	636 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 924	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 436	274 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 820	425 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1099	636 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 918	2 KB
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 4600	6 KB
1	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 35743	44 KB
1	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 55566	575 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 875	7 KB
1	typography.com cloud.typography.com — Cisco Umbrella Rank: 6256
92	42

	Domain	Requested by
16	userhamrah.m317.sbs	userhamrah.m317.sbs static.cloudflareinsights.com
7	js-agent.newrelic.com	userhamrah.m317.sbs
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	idsync.rlcdn.com	2 redirects
4	p.rfihub.com	3 redirects
4	live.rezync.com	4 redirects
4	actions.everyaction.com	d1aqhv4sn5kxtx.cloudfront.net
4	blog.ucsusa.org	userhamrah.m317.sbs
3	ib.adnxs.com	2 redirects
3	d1aqhv4sn5kxtx.cloudfront.net	userhamrah.m317.sbs d1aqhv4sn5kxtx.cloudfront.net
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	www.facebook.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	s.yimg.com	userhamrah.m317.sbs s.yimg.com
2	connect.facebook.net	userhamrah.m317.sbs connect.facebook.net
2	8188095.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	api.myngp.com	d1aqhv4sn5kxtx.cloudfront.net
2	www.googletagmanager.com	userhamrah.m317.sbs www.googletagmanager.com
1	bam.nr-data.net	js-agent.newrelic.com
1	logx.optimizely.com	cdn.optimizely.com
1	adservice.google.nl	adservice.google.com
1	beacon.krxd.net
1	aa.agkn.com
1	partners.tremorhub.com
1	x.dlx.addthis.com
1	bpi.rtactivate.com
1	contextual.media.net
1	ps.eyeota.net
1	us-u.openx.net
1	image2.pubmatic.com
1	a.rfihub.com	1 redirects
1	sp.analytics.yahoo.com
1	pixel.quantserve.com
1	adservice.google.com	8188095.fls.doubleclick.net
1	www.google.nl
1	www.google.com
1	20802620p.rfihub.com	c1.rfihub.net
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	userhamrah.m317.sbs
1	c1.rfihub.net	userhamrah.m317.sbs
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.verygoodvault.com	d1aqhv4sn5kxtx.cloudfront.net
1	profile.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net
1	a3747760300.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	userhamrah.m317.sbs
1	static.cloudflareinsights.com	userhamrah.m317.sbs
1	cloud.typography.com	userhamrah.m317.sbs
92	53

This site contains links to these domains. Also see Links.

Domain
es.ucsusa.org
secure.ucsusa.org
www.ucsusa.org
blog.ucsusa.org
forms.ucsusa.org
store.ucsusa.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
partners.ucsusa.org
legacy.ucsusa.org

Subject Issuer	Validity	Valid
userhamrah.m317.sbs R3	`2023-05-17` - `2023-08-15`	3 months	crt.sh
*.typography.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-03-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
blog.ucsusa.org Cloudflare Inc ECC CA-3	`2022-08-01` - `2023-08-01`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-02-28` - `2024-02-16`	a year	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2023-03-17` - `2024-04-10`	a year	crt.sh
*.myngp.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-20` - `2024-01-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.rfihub.net Amazon RSA 2048 M01	`2023-02-24` - `2023-12-29`	10 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-02-27` - `2023-08-22`	6 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://userhamrah.m317.sbs/
Frame ID: 854A4ABBE342422F650AB14771F81F82
Requests: 69 HTTP requests in this frame

Frame: https://a3747760300.cdn.optimizely.com/client_storage/a3747760300.html
Frame ID: 1116088190BCA7C620EE9F781BA2D05B
Requests: 1 HTTP requests in this frame

Frame: https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F
Frame ID: 8E8197E376054A93D73981B54B02837F
Requests: 1 HTTP requests in this frame

Frame: https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fuserhamrah.m317.sbs%2F&pf=&ra=4106731707647713
Frame ID: D8F669D4E48BBC9B696EDB7172E1A879
Requests: 19 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F
Frame ID: 1794E3AB0A065A59C88EACACC4CD9658
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.nl/ddm/fls/i/dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F
Frame ID: 123A724472FB0530B13FD14395024505
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Union of Concerned Scientists

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

92
Requests

90 %
HTTPS

40 %
IPv6

42
Domains

53
Subdomains

45
IPs

7
Countries

2303 kB
Transfer

4365 kB
Size

43
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://es.ucsusa.org/
Title: en español

Search URL Search Domain Scan URL

URL: http://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=topnav
Title: Donate

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/X4d_KofrBEWDRO3-p9U8-g2?MS=topnav
Title: Renew

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/UTzgs8R_NUmst2iZobkSmg2?MS=topnav
Title: Become a member

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/monthlygiving?MS=topnav
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/LA5-XXhFGUKJjpKyRFvQcw2?MS=topnav
Title: Gift memberships

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/6TtUU7KYKkKm07SkWzm_Yw2?MS=topnav
Title: Gifts in honor & memory

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-stop-fossil-fueled-forest-fires
Title: Demand that fossil fuel CEOs stop fueling forest fires.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2021-04-tell-congress-invest-clean-energy-future
Title: Demand Congress invest in a clean energy future.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-epa-stronger-vehicle-standards
Title: Tell the EPA: Stronger vehicle pollution standards will save lives.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/support-agriculture-resilience-act
Title: Urge Congress to support climate resilient food & farms.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-support-house-res-77
Title: Prevent nuclear war: Urge Congress to reform US nuclear weapons policy.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/2023-agency-scientific-integirity
Title: Help strengthen scientific integrity at federal agencies.

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/partners?MS=topnav
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://www.ucsusa.org/about/ways-give
Title: More ways to give

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/sophia-marjanovic/on-brown-v-board-of-education-anniversary-school-segregation-gerrymandering-persist/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/anita-desikan/will-epa-follow-the-science-and-protect-us-from-ozone-pollution/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/amanda-fencl/californias-water-rights-system-is-inequitable-inadequate/

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/
Title: Read more

Search URL Search Domain Scan URL

URL: https://forms.ucsusa.org/contact/
Title: UCS

Search URL Search Domain Scan URL

URL: https://blog.ucsusa.org/jacob-carter/new-white-house-guidance-protects-federal-scientists-and-their-work/
Title: Read blog

Search URL Search Domain Scan URL

URL: https://forms.ucsusa.org/contact
Title: UCS

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/vjfJ0O5BC0KMyD3Emh_gwQ2?ms=footer
Title: sign up online

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=footer
Title: Donate

Search URL Search Domain Scan URL

URL: https://store.ucsusa.org/
Title: Visit the store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/unionofconcernedscientists
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/UCSUSA
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ConcernedScientists
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/unionofconcernedscientists
Title: Instagram

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/a/05-2023-may-web?MS=HPFloat
Title: Renew your support today

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/dR5QqmX2uUCLCFD1KkVEzg2?MS=takeover
Title: Donate

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/X4d_KofrBEWDRO3-p9U8-g2?MS=takeover
Title: Renew

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/6TtUU7KYKkKm07SkWzm_Yw2?MS=takeover
Title: Honor & memory

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/UTzgs8R_NUmst2iZobkSmg2?MS=takeover
Title: Become a member

Search URL Search Domain Scan URL

URL: https://partners.ucsusa.org/donation.php
Title: Give monthly

Search URL Search Domain Scan URL

URL: https://legacy.ucsusa.org/
Title: Make a planned gift

Search URL Search Domain Scan URL

URL: https://secure.ucsusa.org/onlineactions/LA5-XXhFGUKJjpKyRFvQcw2?MS=takeover
Title: Gift memberships

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F HTTP 302
https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F

Request Chain 55

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer=https%3A%2F%2Fuserhamrah.m317.sbs%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10fd93b1%253A1684370257.3744566%26_%3D1684370257.3755586&cb=1684370257.375582 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10fd93b1%253A1684370257.3744566%26_%3D1684370257.3755586 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&_=1684370257.3755586 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmiKWQxbQGxV0xzSejgcjA&google_cver=1

Request Chain 56

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNTc0MDE2MDM4Mw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOmHX4YLS1yhsxtXhcNj9cs&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10fd93b1%253A1684370257.3744566%26_%3D1684370257.619986&cb=1684370257.6200137 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10fd93b1%253A1684370257.3744566%26_%3D1684370257.619986 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&_=1684370257.619986 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4663653183223270797

Request Chain 57

https://ib.adnxs.com/setuid?entity=18&code=5133329525740160383 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329525740160383

Request Chain 58

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329525740160383&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329525740160383&redir=

Request Chain 61

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5133329525740160383&bid=omt9pi0

Request Chain 64

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward=&C=1

Request Chain 67

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329525740160383&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329525740160383&img=1&__user_check__=1&sync_id=302cb88c-f514-11ed-a8e6-1bce7de30406

Request Chain 71

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD} HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

Request Chain 72

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZGVzUgAK5ff7ZgBa HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGVzUgAK5ff7ZgBa&_test=ZGVzUgAK5ff7ZgBa

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
userhamrah.m317.sbs/ 188 KB
46 KB 572ms
486ms Document
text/html 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

8b344649c53934d76b1cd898ec9f1b5529b5160a6829ef1f9d00807695f3fd10

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=60, public
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 7c90084b1ba806d4-AMS
content-encoding: br
content-language: en
content-type: text/html; charset=UTF-8
date: Thu, 18 May 2023 00:37:34 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 17 May 2023 20:58:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bv6M%2FmDkPaOUsvKueyp7m8kpIQBCxzNDY9cANFgsHaodJwWmmc37P%2BSceez4oY84GZ1ciTjHNoZ%2Fc3sAvA%2FdHc2l%2BZvhxz%2Br5srnAWKhZI7w%2Bk765x2%2ByybqbFT1KPC"}],"group":"cf-nel","max_age":604800}
server: nginx/1.24.0
strict-transport-security: max-age=0
traceresponse: 00-176015d294c392c873ee8e23329190a4-084eefdca8af3457-00
vary: Cookie, Accept-Encoding
x-content-type-options: nosniff
x-debug-info: eyJyZXRyaWVzIjowfQ==
x-drupal-cache: HIT
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-platform-cache: MISS
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
x-platform-router: ktx3icsa4jcar7ju7owewc754y
x-ua-compatible: IE=edge

GET
H2 200 css_R3-jz4M_WMiDo66AlxxoYk3Z7FSbOudK6LyCu2STLbc.css
userhamrah.m317.sbs/sites/default/files/css/ 7 KB
3 KB 102ms
101ms Stylesheet
text/css 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/sites/default/files/css/css_R3-jz4M_WMiDo66AlxxoYk3Z7FSbOudK6LyCu2STLbc.css

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

1e7722dbc7435fdad6ba27255cecfd77c51287783577c1d50916fb0680ba667c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 219450
traceresponse: 00-175f4e3c122ce616c5974f980cda00bd-b0af86fd124ab1ff-00
cf-polished: origSize=7280
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 10 Apr 2023 20:58:03 GMT
etag: W/"6434785b-7e5"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bi7m6Z4ZOWcSeYSY8AbIOueKzmmUhmm2OnAcXfqAhmZz4w4jFp9RsStChfOFC1RdC9HlDkdWtu2%2BTXhrBcnaENjuoJSueoIvGCyEFcRyUtTjASiaRx0uCB3gyNoGjbFA"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c90084e3c02b975-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Mon, 29 May 2023 11:40:05 GMT

GET
H2 200 css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css
userhamrah.m317.sbs/sites/default/files/css/ 129 KB
20 KB 105ms
104ms Stylesheet
text/css 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

906ac16902dac08f4d80678a6ddb9df9fed619cea0862bc09be37b19cd10c209

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 150278
traceresponse: 00-1756ea609a5aff8c7f39f1918abb400e-616c1ae5d8f5e5de-00
cf-polished: origSize=134732
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 10 Apr 2023 20:58:03 GMT
etag: W/"6434785b-488a"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLpirjnBVR%2Fif656Wlgxn9q02wDDeLxtE11lIaVNSmoFs%2Bz7JNR0KkSpl7rkcBLO9n%2FpjuWih3nTRNrtxdGi7Uo%2FnI9jaFAyUDNR%2FT%2B089KXF2RcjjMXEAkGsBhzcM2c"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c90084e3ca028ac-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Tue, 30 May 2023 06:52:56 GMT

GET
H/1.1 403
Forbidden fonts.css
cloud.typography.com/6045052/6787212/css/ 0
0 798ms
717ms Stylesheet
text/html 23.56.201.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.typography.com/6045052/6787212/css/fonts.css
Requested by: Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.56.201.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-201-9.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H2 200 store-promo-small.png
userhamrah.m317.sbs/sites/default/files/2019-10/ 16 KB
17 KB 382ms
382ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/2019-10/store-promo-small.png

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

3fa1252fe6a6fa6cb1f641f705da70b4fa944f884989d18bd5a0d9844ed6e9d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-1756ccb20d867a002f73193eb8c107ff-2e70c1a07ba3825b-00
cf-polished: origFmt=png, origSize=19711
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="store-promo-small.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16244
x-platform-cache: HIT
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 07 Oct 2019 19:59:11 GMT
etag: "5d9b990f-4cff"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WCScFUJa1kLjWjalgj7dYueCIJ7zTlqOtK8A%2F4VsQJLXaD7t9D10EArjUCjSu%2BZ5SSBfik08JasU7CiFnYnl6CapXOfllIRXm2nlNYx308%2FrqSHjisFzBrSXDtTVxCZ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c90084f38b61c96-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Thu, 18 May 2023 00:42:35 GMT

GET
H2 200 rocket-loader.min.js Show response
userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 95ms
94ms Script
application/javascript 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 May 2023 14:04:08 GMT
server: nginx/1.24.0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"645e4758-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2QRBhhDFy5bPM2OTutqLVot%2FIri1Rd6oSt%2BD4bQ0Z%2FvcKINo5pw%2FQl8%2ByZflM0L0GN0B4bdR%2FkjB2Nm3lShOdmbIazZWhlXugH2H70Zn7LNJktklQj4zm5OGf42Mylu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7c90084f4bc31cca-AMS
expires: Sat, 20 May 2023 00:37:35 GMT

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 123ms
66ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://userhamrah.m317.sbs/
Origin: https://userhamrah.m317.sbs
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c90084f4c75b760-AMS

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 841 KB
236 KB 126ms
42ms Script
application/javascript 108.138.24.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4ddb801172cf12c64e868a304e9817ad155e44b5f1fa43cbfe4a039a9075627

Request headers

Referer: https://userhamrah.m317.sbs/
Origin: https://userhamrah.m317.sbs
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:37:29 GMT
Content-Encoding: gzip
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 36026
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 241208
Last-Modified: Tue, 16 May 2023 14:37:02 GMT
Server: AmazonS3
ETag: "e6592f5360276fdc305f5e5cde7c2e93"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 7tuDo0uh3O-p2g3-ev2TjnHjRvxo-NBDp-5xZOjTQX-EhX_ehpfBFg==

GET
H2 200 theme.js Show response
userhamrah.m317.sbs/themes/custom/ucstheme/js/ 8 KB
3 KB 374ms
374ms Script
application/javascript 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/themes/custom/ucstheme/js/theme.js?v=1.x

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

c7af6e514da816317655fb9d54ecb3ae1c7202aa033ff4c762b213aecf72a3da

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-175753f35046caca4c87ac74843abac9-69fc9c5478dc3493-00
cf-polished: origSize=12870
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: MISS
cf-bgj: minify
server: nginx/1.24.0
last-modified: Mon, 17 Apr 2023 17:22:28 GMT
etag: W/"643d8054-3246"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZteSVIk5DM9pUkNvt1rTPC8QdfUFxhd2oeqUFXdlLSBiDpc42%2BtnDh%2FwXUkEqjg0UN%2FToPTJqBBDCdNv8GAGovrO5UCXoRZ9Ms4Z5OmZp%2Fcb26JTsS2eMDK3PPami4E7"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c9008535fc30ea7-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Thu, 18 May 2023 00:42:36 GMT

GET
H2 200 js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js Show response
userhamrah.m317.sbs/sites/default/files/js/ 88 KB
32 KB 107ms
107ms Script
application/javascript 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/sites/default/files/js/js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

bd7eaf806759e1cd5b0b6ef70c2bfd9c7f290a60c5b5101f36e8071fa2f6bc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 133251
traceresponse: 00-175f9ca1be03229cc3349aef96aa2c16-f788f0494edfdf22-00
cf-polished: origSize=89949
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: HIT
cf-bgj: minify
server: nginx/1.24.0
last-modified: Wed, 19 Apr 2023 11:46:30 GMT
etag: W/"643fd496-791c"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=477Oz%2FRzgqtMBmBLAmDOQxALN1jGDkTtmGaH6tCSr4hVfbPJMCOq1kkE8p76DtqLAPYjaLxJ5mEys%2FEvIL02YAS9fMG7%2BmPegzNOS0Lv4VvB161cuTPqEiI5o160lZfn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1209600
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c9008535e0d0a49-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Tue, 30 May 2023 11:06:00 GMT

GET
H2 200 3747760300.js Show response
cdn.optimizely.com/js/ 270 KB
84 KB 545ms
458ms Script
text/javascript 2a02:26f0:7100:88c::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/3747760300.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:7100:88c::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

236dd3140b132b83d4da08115b1e661e7b13502e48713b9d27dcb56b5c3dc168

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: VuPXcBR9FUZV8hORwJaHbX.WL1UwPxZB
content-encoding: gzip
date: Thu, 18 May 2023 00:37:36 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: EBKRX5N3J938SSBS
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 1179
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=8, origin; dur=416, cdn;desc="AkamaiION";dur=0,rtt;desc="33";dur=0,cdnip;desc="2a02:26f0:7100:88c::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="467880_34603270_3609949_42405_1221_35_0";dur=1
content-length: 84824
x-amz-id-2: YEjvueIJlY9ILlk3NYqgUDbMHc6nRgD9m3rwN49GRKjBM02nP7AVHyCMp7D0W6RF26MDzDw03jU=
last-modified: Thu, 23 Feb 2023 01:12:15 GMT
server: AmazonS3
etag: "6443f76514d5878ce248e3bdf8309c0e"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 strike-crowd.jpg
userhamrah.m317.sbs/sites/default/files/2022-05/ 85 KB
86 KB 391ms
390ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/2022-05/strike-crowd.jpg

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e608ef74bfd1678cc56ede8cab68ff9996291d8fb44c743c2f0ebfd336d86eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
strict-transport-security: max-age=0
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-175f4f5c934038c7db8eab6e4af72e86-3ef275a5faed6d82-00
cf-polished: qual=85, origFmt=jpeg, origSize=123333
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="strike-crowd.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 87492
x-platform-cache: REVALIDATED
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 16 May 2022 19:45:11 GMT
etag: "6282a9c7-1e1c5"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=34hrmu41wvsASTN%2B97PzDp1XMMLBZ1EtkR8iYfD5UuoyAElO6B7Lxy6%2FETGA4MGgHFdyw6WaNAN2PSmG60GmdsZnByhhFPVVaUzzqvI7IrZwZ6NTJNKUxZwShY5Vxj6a"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c9008537d2fd0d9-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Thu, 18 May 2023 00:42:36 GMT

GET
H2 200 donut-chart.svg
userhamrah.m317.sbs/themes/custom/ucstheme/assets/ 738 B
1 KB 373ms
373ms Image
image/svg+xml 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/themes/custom/ucstheme/assets/donut-chart.svg

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

abd1a0192e37997bb26aad952d9c36e83f10eded1eb5cdc1b4edccf97779f68e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/sites/default/files/css/css__MLFAc1xFIKDrr_bRIWGdR2xyFMUV0XITGM_noJWIQc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
traceresponse: 00-1757545f294b75ba9a86a9590216ddcc-31b0fb1007aeb955-00
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-platform-cache: REVALIDATED
last-modified: Mon, 17 Apr 2023 17:22:28 GMT
server: nginx/1.24.0
etag: W/"643d8054-2e2"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyJUDAAQYpwYeOwzjx6kuqFT6FBRaaXs%2Bws0vxRpibOXED8PbjI4b8y%2BX7nroMOyNFOP1%2BRbtKB%2BExx3BovB3HtSmA6qxxe5euO2zf3hL4qcwLzlqLriM8rD91hHSBif"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
cf-ray: 7c90085378900df6-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Thu, 18 May 2023 00:42:36 GMT

GET
H2 200 ucsusa_51421561_Full.jpg
userhamrah.m317.sbs/sites/default/files/styles/original/public/2019-10/ 1005 KB
1007 KB 163ms
162ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/original/public/2019-10/ucsusa_51421561_Full.jpg?itok=ZZO-VPC6

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

cfc31abb2830798245f222a9714314360301c224276f4cfe4901ff7ee95d7e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31081
traceresponse: 00-175ff98e3a4d564d601a5de9957f7237-cb46a05d0b02e5e4-00
cf-polished: qual=85, origFmt=jpeg, origSize=1213399
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="ucsusa_51421561_Full.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1028988
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 07 Oct 2019 20:40:06 GMT
etag: "5d9ba2a6-1283d7"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MkpVlq9gzruK5xsGUnOhPxDXPOQHkXCuQw8izTOw2XSQwdR2HvH3GkytYFiOMlqu%2BtJTHT8QaoZYFo6Nm2EM2xVuzjx0cvzIlJN%2BfesT9l7eRCmI9aSpz65nhdXzpK8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853dea0b8d0-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 16:04:34 GMT

GET
H2 200 wildfire-burn-thumbnail.jpg
userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-04/ 18 KB
19 KB 105ms
103ms Image
image/jpeg 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-04/wildfire-burn-thumbnail.jpg?itok=ihPlxpyS

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

dc354b0e6500bfe40f2e5ed1b7e36d9ac888ea8a2d87feb871c8433994779488

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62538
traceresponse: 00-175fdcf212df1243fb2a45cb1b70831e-8ae403e91db986d5-00
cf-polished: degrade=85, origSize=19541, status=webp_bigger
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18589
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 10 Apr 2023 14:13:15 GMT
etag: "6434197b-4c55"
vary: Accept-Encoding
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ey0vcCena637lpBXEtK4CJETUlOxtdbOOSpL%2BII%2BCveEho1yMyZsgs8CJ5foriIGygNL5bd11SktSHA%2FN6tvCk7tdOYuj9JLVs7pynIe1aPyxAIxW0Nz%2BkziuAG3AKeS"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853dba11c8e-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 07:20:17 GMT

GET
H2 200 1500x900%20%281%29.jpg
userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-05/ 21 KB
22 KB 111ms
110ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-05/1500x900%20%281%29.jpg?itok=6WwjUlbx

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

ff2bedc78e062fb0474713bb222e6ae59110dabab3d2996ed5f42fc6f237de22

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15383
traceresponse: 00-175eaf61d9c69477b0db876ac02fac19-f08b6b2977188de3-00
cf-polished: qual=85, origFmt=jpeg, origSize=25147
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="1500x900%20%281%29.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22008
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Tue, 09 May 2023 13:10:33 GMT
etag: "645a4649-623b"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYC0UsdyMXETu8vZP7fXGYglMf4Zt9D0AfumQQorP4jUtXInIBhf5ZE7nBa%2BdjO0GHysPc2RVUJnrKBpIm8C7dKV2K%2FN1xvhFIkcEkWpcez27rKdgzn34iAzUBsj809Z"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853ddc3b790-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 20:26:12 GMT

GET
H2 200 social-image.png
userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2022-11/ 10 KB
11 KB 156ms
155ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2022-11/social-image.png?itok=5NbAA_9i

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

376f385f0c96c85305f4d4af2afe0de3624baadd258fcefbbd7bc0a474ac5580

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62538
traceresponse: 00-1755a41218848ccea8eff27e26864b4b-1d05faba8c8c0b1e-00
cf-polished: origFmt=png, origSize=21519
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="social-image.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10128
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 14 Nov 2022 19:08:10 GMT
etag: "6372921a-540f"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3tM2HoTRD1eg4eGEyX5OQMA6jQ7%2F9PRM3yXQGecjpupUSt%2FrOvVGPW8NsJTKlY9xQcRG%2F5jFviX5sMZfCqtXgky%2Bz%2FwCwM0ZE7l3BDuzb8a5GqvUax6rMkC8u0VDmC9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853d9931c89-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 07:20:17 GMT

GET
H2 200 fire-video-thumbnail.jpg
userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-05/ 13 KB
14 KB 135ms
134ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/thumbnail/public/2023-05/fire-video-thumbnail.jpg?itok=afyjtHnm

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

0d5fbc59d1c6b0cf5ca0d7a142b455affa6d15d5028a9984edd19c5190adb485

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53460
traceresponse: 00-175f94dacd38178805566bb35c7b3f06-d08e523cfcfcc722-00
cf-polished: qual=85, origFmt=jpeg, origSize=17416
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="fire-video-thumbnail.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13426
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Mon, 15 May 2023 16:34:02 GMT
etag: "64625efa-4408"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s2L4G8RL7Mcn0hGYQWz3DEHfhCgLur%2FKPp%2F6arunz0FWWpGoI9gay6lJf7jCtrDAfobM0MkajYoBZSWjp8eqO385%2Bz3yZor7ERHCcQ7f2Tkstq4Sw8VuugTQTzX%2BKmt4"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853dcc8b74e-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 09:51:35 GMT

GET
H2 200 1500-900-usda-scientist.jpg
userhamrah.m317.sbs/sites/default/files/styles/large/public/2023-02/ 136 KB
137 KB 125ms
124ms Image
image/webp 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://userhamrah.m317.sbs/sites/default/files/styles/large/public/2023-02/1500-900-usda-scientist.jpg?itok=ZDFcoGp6

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

62c83cedb7102c62f5eb050931ed8655805fbae9df69b9e06dd027d86423b281

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:35 GMT
strict-transport-security: max-age=0
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51340
traceresponse: 00-175f8dae965e8ccb7a3fea938fb5f430-a065c141e5d2746a-00
cf-polished: qual=85, origFmt=jpeg, origSize=150918
x-platform-processor: su2vgazozfakxlnueibgsbkb5q
content-disposition: inline; filename="1500-900-usda-scientist.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139202
x-platform-cache: MISS
cf-bgj: imgq:85,h2pri
server: nginx/1.24.0
last-modified: Thu, 02 Feb 2023 18:27:58 GMT
etag: "63dc00ae-24d86"
vary: Accept
x-platform-cluster: ydfvjrxeayjka-master-7rqtwti
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NZS33OKBnkQDiIrug084n0oytURFmdW8ZgZ9ZnOilP5TD%2BnJpv3Loz8z79C5Hwfb3ly8HFKPpFfw7Axl%2BjuvH5MTmzij6%2FIhMUh095DQ%2Blk6HvgpUHlQ7rqlLcpLm5cQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
x-debug-info: eyJyZXRyaWVzIjowfQ==
accept-ranges: bytes
cf-ray: 7c900853dd330a75-AMS
x-platform-router: ktx3icsa4jcar7ju7owewc754y
expires: Wed, 17 May 2023 10:26:55 GMT

GET
H2 200 a3747760300.html Show response
a3747760300.cdn.optimizely.com/client_storage/ Frame 1116 2 KB
1 KB 471ms
387ms Document
text/html 23.45.238.216
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a3747760300.cdn.optimizely.com/client_storage/a3747760300.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3747760300.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.45.238.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-45-238-216.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

db6e7498fc02ff3dc7d9a7252033bdde67826f0f2ac6bfa55258a60b4c1f11f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://userhamrah.m317.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 793
content-type: text/html; charset=utf-8
date: Thu, 18 May 2023 00:37:36 GMT
etag: "b9afd7b9f0ee3757aa388ec4b9d3ccae"
last-modified: Thu, 23 Feb 2023 01:12:06 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=306 cdn;desc="AkamaiION";dur=0,rtt;desc="31";dur=0,cdnip;desc="23.45.238.216";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="467880_390277155_610167039_30619_1692_31_0";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: 32KnTINIqVIXPXrt5aydv9p1IbtHyQmd6h9rlpjNt8Qg9PYD/7QEgQWKCKMRfu52psKow5rBiS0=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: Q9P725H4JET4Q6D0
x-amz-server-side-encryption: AES256
x-amz-version-id: UZpBPJnftxJS08DvIqwmbj39DB3sPfBs

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 258 KB
82 KB 151ms
78ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbf6551365a68fb0f30f501b8229ff1533ae6aec3f5f74ba029e472377009fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83666
x-xss-protection: 0
last-modified: Thu, 18 May 2023 00:14:06 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 May 2023 00:37:36 GMT

GET
H2 200 async-api.ad3273bd-1.232.0.min.js Show response
js-agent.newrelic.com/ 3 KB
2 KB 674ms
221ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC727PHS5629DWXE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1353
x-amz-id-2: vsRMHCcRx2yS7Pe98/WtjfrPVnuFLSAD4461olwRiyEbuY81q2wIvPHIk5IwhBmuPDAnkWcBLf0=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370257.110925,VS0,VE0
etag: "d7011e3a3501d54c9be8929572a18598"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10051

GET
H2 200 session-manager.2a8d47d1-1.232.0.min.js Show response
js-agent.newrelic.com/ 15 KB
6 KB 674ms
221ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7C75BKG4ZDC460
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5781
x-amz-id-2: gwMnkCI7emGzOFjhEyJ7yV+wQ+OaFOlvL+2Qye8OgDA/l+AxzLZSyWbxxb4x1SDC0j0bdByRvLY=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370257.110933,VS0,VE0
etag: "e42e9b9282d7865427c32ad60eea44b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10057

GET
H2 200 / Show response
blog.ucsusa.org/wp-json/wp/v2/posts/ 71 KB
20 KB 834ms
764ms XHR
application/json 2606:4700:20::681a:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.ucsusa.org/wp-json/wp/v2/posts/?per_page=3&_embed

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/sites/default/files/js/js_A_PxGf3EV6hVEdQpj0xw-cTsSsFJyKhlHKANlKZNsWo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:897 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

11ee2c738980281cf15bfbba67ceb55971508fc3bf90b3b4d0de554667672b5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cf-edge-cache: cache,platform=wordpress
date: Thu, 18 May 2023 00:37:37 GMT
x-cache-group: normal
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cacheable: SHORT
content-encoding: br
x-powered-by: WP Engine
x-cache: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 18 May 2023 00:37:37 GMT
server: cloudflare
x-wp-totalpages: 2047
allow: GET
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://userhamrah.m317.sbs
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=86400, must-revalidate
access-control-allow-credentials: true
x-wp-total: 6141
cf-apo-via: origin,nohtml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A1zOKQj7%2F30Ng%2FrZsocOQhnAk%2Flstrj69w5rtHhUAxSfKeOeJNaH4oIpQYIAy0YxVPm1SQupkEkc4pw4f62P4p6%2BgTtwwoaTKNydGOWMmKvf%2FtjKZTUlOFNCH%2BO71fLM8a7%2BAvVsXI5n8lhHXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7c900857fc14b97a-AMS
link: <https://blog.ucsusa.org/wp-json/wp/v2/posts?per_page=3&_embed&page=2>; rel="next"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-robots-tag: noindex

POST
H2 204 rum Show response
userhamrah.m317.sbs/cdn-cgi/ 0
249 B 99ms
98ms XHR
text/plain 156.255.1.213
Africa-on-Cloud-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://userhamrah.m317.sbs/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

156.255.1.213 Amsterdam, Netherlands, ASN328608 (Africa-on-Cloud-AS, ZA),

Reverse DNS

Software

nginx/1.24.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
x-content-type-options: nosniff
server: nginx/1.24.0
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://userhamrah.m317.sbs
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c900857efb0b92a-AMS

GET
H/1.1 200
OK at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 59 KB
12 KB 104ms
37ms Stylesheet
text/css 108.138.24.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 910044c5dc75c617b619648d9a3e85765c9499c940b804174d1dd7b6b3111afa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:37:30 GMT
Content-Encoding: gzip
Via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 36026
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11533
Last-Modified: Tue, 16 May 2023 14:37:02 GMT
Server: AmazonS3
ETag: "fa18af11bfe4d995976d8f94ca69ebb4"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: 2je-fM_o060gDGsj1pMOrQjsQY70ZS5Tp1HGTsiFaGN1Y-BQNTlxFA==

GET
H/1.1 200
OK extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 78 KB
15 KB 105ms
38ms Stylesheet
text/css 108.138.24.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.24.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-24-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6cac852da7593b529900229c807602582838bc7181630a236e400ffe64da3026

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Wed, 17 May 2023 14:37:30 GMT
Content-Encoding: gzip
Via: 1.1 f1a22cc8d842b0950e4bd5bda60806f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 36026
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14207
Last-Modified: Tue, 16 May 2023 14:37:02 GMT
Server: AmazonS3
ETag: "9b6cfcf17cff06e9fcbd6d9996826e9d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: n4riStNAGOmLjeO0zkShVxSnzsm94oq87hf6AmywpuYXM7hSSKbj8g==

GET
H2 204 identity Show response
profile.ngpvan.com/ 0
575 B 645ms
567ms Script
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
reason: Returned 204 - No Content. Referrer not whitelisted
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by: Express, ASP.NET
x-iinfo: 12-132685145-132685226 NNNN CT(82 170 0) RT(1684370256373 29) q(0 1 4 194) r(5 5) U24
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ 134 KB
44 KB 132ms
42ms Script
application/javascript 18.66.147.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
Date: Thu, 18 May 2023 00:37:36 GMT
X-Amz-Cf-Pop: FRA60-P4
Age: 35
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: xXsAg47krs-oCpg4bpIyfs78o-DhxRl_YDHQVl4Hs4Ba7nSR1sWrxw==

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2 Show response
actions.everyaction.com/v1/Forms/ 2 KB
1 KB 695ms
607ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/riz_81HSRkGMC2loQcyxiQ2

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d72fa63db092da3eba2b12df375f4c361ebf7a970da38f87d1cc63315d309e29

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 12-132685148-132685228 NNNN CT(85 170 0) RT(1684370256398 30) q(0 2 4 169) r(6 6) U18
content-length: 983
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://userhamrah.m317.sbs
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2 Show response
actions.everyaction.com/v1/Forms/ 2 KB
2 KB 676ms
595ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/v1/Forms/riz_81HSRkGMC2loQcyxiQ2

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d72fa63db092da3eba2b12df375f4c361ebf7a970da38f87d1cc63315d309e29

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 12-132685148-132685228 PNNN RT(1684370256398 31) q(0 2 4 171) r(5 5) U18
content-length: 983
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://userhamrah.m317.sbs
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true

GET
H/1.1 401
Unauthorized / Show response
api.myngp.com/v2/Forms/ 111 B
960 B 660ms
584ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myngp.com/v2/Forms/
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3cfc88481c30f6f09d410abf88d811339cb1f357fa145f913f15eccd355ccba6

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:36 GMT
Content-Encoding: gzip
WWW-Authenticate: Basic
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-CDN: Imperva
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://userhamrah.m317.sbs
X-Iinfo: 14-157751004-157751032 NNYN CT(75 230 0) RT(1684370256396 45) q(0 1 5 152) r(5 5) U11
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 135ms
61ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 May 2023 00:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 117
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Thu, 18 May 2023 02:35:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/ 2 KB
2 KB 206ms
74ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071979118/?random=1684370256825&cv=11&fst=1684370256825&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserhamrah.m317.sbs%2F&hn=www.googleadservices.com&frm=0&tiba=Union%20of%20Concerned%20Scientists&auid=684608812.1684370257&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a21e4e1bb49a64c0518b9bde36cb6ddbffb7f5970feb3d3db0c06725a27eaf4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F Show response
8188095.fls.doubleclick.net/ Frame 8E81
Redirect Chain

https://8188095.fls.doubleclick.net/activityi;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F?
https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%...

490 B
451 B

47ms
46ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

c9125d0d2e070910a02fac4e2d945e32a8bb50d623d2dd6814b4131218249e13

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://userhamrah.m317.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 274
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 00:37:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 00:37:36 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 118ms
36ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 May 2023 00:37:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TGzQnco/Ro4SwYGuA7wG2Rxrqb2+U2qWcwRV2sgFv/lKg6kdwEx0sL5g2Z8OWw50F/09fDEHTBXclvfCVM2pfg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 170ms
35ms Script
application/x-javascript 2600:9000:214f:b000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:29:16 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Thu, 18 May 2023 00:29:06 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: FRA53-C1
age: 500
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: 4DZhRkhHTYKOdOZcFc3rw_dANHnPn6t270LboyPrqMHwAOxLDNNgUQ==
expires: Thu, 18 May 2023 01:29:16 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 118ms
33ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 25 May 2023 00:37:36 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 17 KB
7 KB 108ms
35ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:07 GMT
x-amz-version-id: JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 9DVWNEAN5T2DCCB7
age: 30
x-amz-server-side-encryption: AES256
x-amz-id-2: pIh7/+dGiZUvi44rk8pzYTwogs71qhOtkN9EOSOSKGfTxp+pjW2IF732LBTb2DlJVQen1J9+P5TIhUMsg81i7ZHoP1XS0e7J9Wbtk96dcKM=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 26 Apr 2023 11:08:30 GMT
server: ATS
etag: "e896178ac557f4e393e0a05405c33633-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
78 KB 75ms
75ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NB5C4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33842c707a09d4ec8684c8e9ab48bd9913820bd0241fac611100088dcf219070

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79292
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 May 2023 00:37:36 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 86ms
30ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VB9DKE4V36&gtm=45je35a0&_p=647778461&cid=409193090.1684370257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684370256&sct=1&seg=0&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&dt=Union%20of%20Concerned%20Scientists&en=page_view&_fv=1&_nsi=1&_ss=1&ep.BlogTopic=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&ep.PageType=page&ep.Campaigns=&ep.Programs=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10095888.json Show response
s.yimg.com/wi/config/ 2 B
513 B 193ms
129ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10095888.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: F3BKQ16N9A0FWPTH
age: 1
content-length: 22
x-amz-id-2: R8CHyAoaGRT9D/x9LgU3OLaCKAZ+lufi3POiLnd3XuOilGutSz4l8Qk/9KuWVjY3Zc5SrgueLnzJxwa+tADKRVQ+mENdpk6ZtsmZz+c9dsI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 rules-p-8w7tSVuzV_3NU.js Show response
rules.quantcount.com/ 5 KB
2 KB 118ms
36ms Script
application/javascript 2600:9000:223c:f200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8w7tSVuzV_3NU.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 17 May 2023 23:48:05 GMT
content-encoding: gzip
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 01 Nov 2019 20:00:46 GMT
server: AmazonS3
etag: W/"610bb3b00c066431338a8002bf88acfa"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: 2Dko5gB7CF5seH_kUuJI9PwyIMNiQCFHN3L6AiCIEUQ6UgH5dwUzeg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
151 B 69ms
68ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=647778461&t=pageview&_s=1&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2092768311&gjid=847181130&cid=409193090.1684370257&tid=UA-6648639-1&_gid=1771424647.1684370257&_r=1&_slc=1&gtm=45He35a0n71NB5C4Q&cd2=&cd3=&cd12=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&z=1658795578

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
70 B 69ms
68ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=647778461&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=25%25&_u=YADAAEABAAAAACAAI~&jid=1821044077&gjid=306834518&cid=409193090.1684370257&tid=UA-6648639-1&_gid=1771424647.1684370257&_r=1&gtm=45He35a0n71NB5C4Q&z=416485041

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 61ms
61ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=647778461&t=event&ni=0&_s=1&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20Visible&ea=undefined&_u=YADAAEABAAAAACAAI~&jid=&gjid=&cid=409193090.1684370257&tid=UA-6648639-1&_gid=1771424647.1684370257&gtm=45He35a0n71NB5C4Q&z=2140324752

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 12:46:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42690
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 625465517575530 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 79ms
78ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/625465517575530?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97bc986a15c01e352eab35983e6c9b96e5688ac3e74eaf86eb921e73c8ab4154

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 May 2023 00:37:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LCx8wL0xiFn1EKjnHFJwHd6BR6BbzNXPJq/TLfRbJY+W40GbvbmE9cU1P1ib6jYxbQqHyzU0l8f7lWXGS6rHNg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20802620p.rfihub.com/ Frame D8F6 3 KB
3 KB 161ms
31ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20802620p.rfihub.com/ca.html?ver=9&rb=35937&ca=20802620&_o=35937&_t=20802620&pe=https%3A%2F%2Fuserhamrah.m317.sbs%2F&pf=&ra=4106731707647713
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 1b9b5e8a6fb57607ebdd4b073b5fd2f34b3402c40b3311150f476e0e673e6290

Request headers

Referer: https://userhamrah.m317.sbs/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 2672
Content-Type: text/html;charset=utf-8
Date: Thu, 18 May 2023 00:37:37 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 /
www.google.com/pagead/1p-user-list/1071979118/ 42 B
456 B 160ms
85ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1071979118/?random=1684370256825&cv=11&fst=1684368000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserhamrah.m317.sbs%2F&frm=0&tiba=Union%20of%20Concerned%20Scientists&fmt=3&is_vtc=1&random=2551745768&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.nl/pagead/1p-user-list/1071979118/ 42 B
456 B 119ms
45ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/pagead/1p-user-list/1071979118/?random=1684370256825&cv=11&fst=1684368000000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fuserhamrah.m317.sbs%2F&frm=0&tiba=Union%20of%20Concerned%20Scientists&fmt=3&is_vtc=1&random=2551745768&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F Show response
adservice.google.com/ddm/fls/i/ Frame 1794 489 B
645 B 174ms
100ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F

Requested by

Host: 8188095.fls.doubleclick.net
URL: https://8188095.fls.doubleclick.net/activityi;dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f81180e125f7af4b3ca592e806dbd38620087206f66ac80ba4f5db63cb869081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8188095.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 00:37:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 102ms
34ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6648639-1&cid=409193090.1684370257&jid=2092768311&gjid=847181130&_gid=1771424647.1684370257&_u=YADAAEAAAAAAACAAI~&z=264191619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 May 2023 00:37:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
68 B 101ms
35ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-6648639-1&cid=409193090.1684370257&jid=1821044077&gjid=306834518&_gid=1771424647.1684370257&_u=YADAAEABAAAAACAAI~&z=1762703151

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 May 2023 00:37:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1025952596;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fuserhamrah.m317.sbs%2F;uht=2;fpan=1;fpa=P0-210298699-1684370256979;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111...
pixel.quantserve.com/ 35 B
373 B 47ms
33ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1025952596;labels=_fp.event.Homepage;rf=0;a=p-8w7tSVuzV_3NU;url=https%3A%2F%2Fuserhamrah.m317.sbs%2F;uht=2;fpan=1;fpa=P0-210298699-1684370256979;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=m317.sbs;dst=0;et=1684370257102;tzo=0;ogl=site_name.The%20Union%20of%20Concerned%20Scientists%2Ctype.website%2Curl.https%3A%2F%2Fwww%252Eucsusa%252Eorg%2Fnode%2F1%2Ctitle.Union%20of%20Concerned%20Scientists%2Cdescription.The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%252C%20independent%20science%20to%20work%20to%20%2Cimage.https%3A%2F%2Fwww%252Eucsusa%252Eorg%2Fthemes%2Fcustom%2Fucstheme%2Fassets%2Fsocial-logo%252Epng%2Cimage%3Aalt.The%20Union%20of%20Concerned%20Scientists;ses=f4d26d33-f905-4c6a-816e-39a142db7b05;mdl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 113ms
34ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625465517575530&ev=PageView&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&rl=&if=false&ts=1684370257169&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684370257168.75475398&it=1684370257019&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 May 2023 00:37:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
636 B 160ms
51ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2018%20May%202023%2000%3A37%3A37%20GMT&n=0&b=Union%20of%20Concerned%20Scientists&.yp=10095888&f=https%3A%2F%2Fuserhamrah.m317.sbs%2F&enc=UTF-8&yv=1.14.0&tagmgr=gtm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 18 May 2023 00:37:37 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame D8F6
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer=https%3A%2F%2Fuserhamrah.m317.sbs%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10f...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9e...
https://idsync.rlcdn.com/501709.gif?partner_uid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&_=1684370257.3755586
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmiKWQxbQGxV0xzSejgcjA&google_cver=1

42 B
60 B

33ms
33ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmiKWQxbQGxV0xzSejgcjA&google_cver=1
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOmiKWQxbQGxV0xzSejgcjA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame D8F6
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyNTc0MDE2MDM4Mw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOmHX4YLS1yhsxtXhcNj9cs&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9edd-36fe10f...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329525740160383&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dd665f7d3-c618-46f0-9e...
https://idsync.rlcdn.com/501709.gif?partner_uid=d665f7d3-c618-46f0-9edd-36fe10fd93b1%3A1684370257.3744566&_=1684370257.619986
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4663653183223270797

42 B
60 B

33ms
33ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4663653183223270797
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:38 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

Date: Thu, 18 May 2023 00:37:37 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.139; 31.204.150.139; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: d157e02c-67b1-4089-a602-6bc799f24cf8
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4663653183223270797
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D8F6
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=5133329525740160383
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329525740160383

43 B
1 KB

26ms
26ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329525740160383

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:37 GMT
AN-X-Request-Uuid: f18c3075-3186-41bd-af27-10f641fd8455
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 31.204.150.139; 31.204.150.139; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:37 GMT
AN-X-Request-Uuid: 05c0a12e-b5a4-4fd6-9592-c2e38c0edf78
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329525740160383
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.139; 31.204.150.139; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame D8F6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329525740160383&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329525740160383&redir=

42 B
942 B

44ms
44ms

Image
image/gif

52.19.14.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329525740160383&redir=

Protocol

HTTP/1.1

Server

52.19.14.35 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-14-35.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v048-0295a1ef7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7bdmtzznRpI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v048-0eb2aae52.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: QW9imYlWSdo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329525740160383&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame D8F6 42 B
425 B 106ms
26ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5133329525740160383&r=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 18 May 2023 00:37:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame D8F6 43 B
274 B 94ms
32ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5133329525740160383&r=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame D8F6
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5133329525740160383&bid=omt9pi0

0
344 B

149ms
40ms

Image
text/plain

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5133329525740160383&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 00:37:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5133329525740160383&bid=omt9pi0
Date: Thu, 18 May 2023 00:37:37 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame D8F6 61 B
636 B 138ms
58ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329525740160383

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 18 May 2023 00:37:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 18 May 2023 00:37:37 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame D8F6 43 B
110 B 379ms
148ms Image
image/gif 3.210.10.159
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5133329525740160383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.10.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-10-159.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D8F6
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward=&C=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=57&external_user_id=5133329525740160383&forward=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame D8F6 42 B
450 B 96ms
32ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5133329525740160383
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame D8F6 43 B
193 B 267ms
176ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329525740160383

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: Thu, 18 May 2023 00:37:37 GMT
pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame D8F6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329525740160383&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329525740160383&img=1&__user_check__=1&sync_id=302cb88c-f514-11ed-a8e6-1bce7de30406

43 B
547 B

28ms
28ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329525740160383&img=1&__user_check__=1&sync_id=302cb88c-f514-11ed-a8e6-1bce7de30406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 00:37:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 18 May 2023 00:37:37 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=7180&uid=5133329525740160383&img=1&__user_check__=1&sync_id=302cb88c-f514-11ed-a8e6-1bce7de30406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 95
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame D8F6 43 B
176 B 321ms
102ms Image
image/gif 2600:1f18:612b:4264:ac2c:d4a2:4da7:d98e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5133329525740160383&r=5b0gKxL89wxB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:ac2c:d4a2:4da7:d98e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 18 May 2023 00:37:37 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame D8F6 43 B
378 B 118ms
33ms Image
image/gif 3.77.86.163
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329525740160383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.77.86.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-77-86-163.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame D8F6 0
339 B 133ms
41ms Image
text/plain 54.76.219.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329525740160383
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.219.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-219-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by: beacon-n018-dub-prod.krxd.net
date: Thu, 18 May 2023 00:37:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=38 t=1684370257
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame D8F6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}

43 B
346 B

33ms
33ms

Image
image/gif

3.124.210.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Protocol: H2
Server: 3.124.210.204 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-204.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329525740160383&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
date: Thu, 18 May 2023 00:37:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame D8F6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZGVzUgAK5ff7ZgBa
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGVzUgAK5ff7ZgBa&_test=ZGVzUgAK5ff7ZgBa

42 B
1 KB

28ms
28ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGVzUgAK5ff7ZgBa&_test=ZGVzUgAK5ff7ZgBa
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://20802620p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 18 May 2023 00:37:38 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-gig2250057-GIG
pragma: no-cache
date: Thu, 18 May 2023 00:37:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684370258.414067,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZGVzUgAK5ff7ZgBa&_test=ZGVzUgAK5ff7ZgBa
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 lazy-loader.c8cd494b-1.232.0.min.js Show response
js-agent.newrelic.com/ 921 B
618 B 221ms
221ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: SG9C8DYFK4AHP6FC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 410
x-amz-id-2: JN/tAW4p82knoIZyf+bg7F9AAkeiB8svFWmCfXUAF2uD9VGJT4oZJi/Z3cCkMk+8BvGzJGy5uXM=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370257.344511,VS0,VE0
etag: "43b458adcc5ab7566291590de5438262"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 105

GET
H2 200 dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F Show response
adservice.google.nl/ddm/fls/i/ Frame 123A 194 B
517 B 266ms
98ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/ddm/fls/i/dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO7v2ZbQ_f4CFVPg1Qod9JEKjA;src=8188095;type=site;cat=ucs-g0;ord=9020403806398;gtm=45He35a0;auiddc=684608812.1684370257;u1=%2F;~oref=https%3A%2F%2Fuserhamrah.m317.sbs%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 18 May 2023 00:37:37 GMT
expires: Thu, 18 May 2023 00:37:37 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 401
Unauthorized / Show response
api.myngp.com/v2/Forms/ 111 B
946 B 115ms
115ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://api.myngp.com/v2/Forms/
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c1beb8ffeca0730f92a05d5ba3f6a3b9fd91677900720a1b07b39fc40892ca94

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 18 May 2023 00:37:36 GMT
Content-Encoding: gzip
WWW-Authenticate: Basic
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-CDN: Imperva
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://userhamrah.m317.sbs
X-Iinfo: 14-157751004-157751032 SNYN RT(1684370256396 619) q(0 0 0 0) r(1 1) U11
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Expires: -1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
59ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=647778461&t=event&ni=1&_s=1&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&ul=en-us&de=UTF-8&dt=Union%20of%20Concerned%20Scientists&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Form%20Loaded&ea=SignupForm&el=Union%20of%20Concerned%20Scientists&_u=aAHAAEABAAAAACAAI~&jid=&gjid=&cid=409193090.1684370257&tid=UA-6648639-1&_gid=1771424647.1684370257&gtm=45He35a0n71NB5C4Q&z=1310459870

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 19:40:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2
actions.everyaction.com/v1/Track/ 0
168 B 125ms
124ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/riz_81HSRkGMC2loQcyxiQ2?formSessionId=78d5b6ad-e4ee-4c1c-b326-ed882dd318ef&bName=chrome&dType=desktop&formVersion=9/25/2019%201:56:22%20PM|11/30/2020%209:51:59%20PM&fUrl=aHR0cHM6Ly91c2VyaGFtcmFoLm0zMTcuc2JzLw%3D%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 12-132685148-132685228 PNNN RT(1684370256398 658) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 59ms
59ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 May 2023 19:40:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17841
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 riz_81HSRkGMC2loQcyxiQ2
actions.everyaction.com/v1/Track/ 0
120 B 121ms
121ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/riz_81HSRkGMC2loQcyxiQ2?formSessionId=b5eab43c-9473-4601-94c4-1880b1860e67&bName=chrome&dType=desktop&formVersion=9/25/2019%201:56:22%20PM|11/30/2020%209:51:59%20PM&fUrl=aHR0cHM6Ly91c2VyaGFtcmFoLm0zMTcuc2JzLw%3D%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 18 May 2023 00:37:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 12-132685148-132685228 PNNN RT(1684370256398 690) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3 200 Copy-of-Blog-Lead-Image-Template66-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 34 KB
34 KB 67ms
36ms Image
image/jpeg 2606:4700:20::681a:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/Copy-of-Blog-Lead-Image-Template66-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 165f27e26c00198cf6f796c66de6848c00c8dfee313226ac5c07a3c27fbdb589

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17031
cf-polished: origSize=37729, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34663
cf-bgj: imgq:100,h2pri
last-modified: Wed, 17 May 2023 18:24:02 GMT
server: cloudflare
etag: "64651bc2-9361"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqpY%2BnteDwAI5cYsUYo%2F1lBoHLaKt8CklvEpLC1ItdEenGmlrkTp5IuG7GoARLMSVWJCgj46zwI9IbJ1z%2BLvvuf5TgvfB48MjIJ2DDL3lyoWGmnxrJoNDBqgLBfWbx2xOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c90085cf907b761-AMS

GET
H3 200 1-2-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 18 KB
19 KB 145ms
115ms Image
image/jpeg 2606:4700:20::681a:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/1-2-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7b221774406991cf17e64a146fcff4f72917fd6f419548b20bd181b401ae6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 17732
cf-polished: origSize=20981, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18468
cf-bgj: imgq:100,h2pri
last-modified: Wed, 17 May 2023 17:16:26 GMT
server: cloudflare
etag: "64650bea-51f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BsuFeOprq8yoe9H0WWv2vVOqeDWqoWo0SRU5j8FzyfFDC%2Bc3Efy8iXrDS%2B6k7n0i0Jy%2B30ba5HLWQCiBsuJZRxX71JF8TrW2jkstOkSIia2lUij3mSMyt0L3uV6vJDw%2FrNZ%2FSUKZKu%2BujdZnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c90085cf90ab761-AMS

GET
H3 200 2023-0517-Amanda-2-blog-500x300.jpg
blog.ucsusa.org/wp-content/uploads/2023/05/ 39 KB
40 KB 93ms
62ms Image
image/jpeg 2606:4700:20::681a:897
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ucsusa.org/wp-content/uploads/2023/05/2023-0517-Amanda-2-blog-500x300.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:897 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec45914c13e311627ae298eb466c4ef758502d6857d3eb4248df3af1a2cf89b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 00:37:37 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 40796
cf-polished: degrade=85, origSize=44772, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40053
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 May 2023 06:01:47 GMT
server: cloudflare
etag: "64646dcb-aee4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gPPiAomGjoGxygWSNMDjX32pwCkUUjuYS7aRz4BQcM36b40XFxFvquh2pQ1dbggsktBuW4Hyi%2BiMFSCQCspn53vqKhTeB%2ByM8y0FYeEjf0AD1uaDu10wYYercS9Rkb8uSXwBoK1CRejbLjAGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c90085cf909b761-AMS

GET
H2 200 875.2c240adb-1.232.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 223ms
221ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7C68Q43FPBG6RZ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3692
x-amz-id-2: gDGXPQfO4OcGnZK53re6qsan9CCvvdKhbbfQWhhPKfsvLGH+LygEymjKPjyZ8JilPq7gpz3xi6I=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370258.569277,VS0,VE0
etag: "12b760183a18786621f95a5599ea91d1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9773

GET
H2 200 page_view_event-aggregate.5a238c1f-1.232.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 233ms
232ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7EV3S88CY49SRP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4123
x-amz-id-2: +uvgDEvSzUmKH2zAUj1M2acRTFpunkOTcmm7n7LPAEc/jB6CLJ6l2ISG7cIJzJrA6OQeQnTWYj8=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370258.569646,VS0,VE0
etag: "397497131773c37606e11fcb4222917f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9758

GET
H2 200 page_view_timing-aggregate.ddd91465-1.232.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 232ms
232ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: NC7DPYS63H92Q86P
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4571
x-amz-id-2: P6dmU/0DuDAlMEGUidzZcIEJ/CJDeehtL+8KS/Wu00ZyOh45Vq++gLAhZYZOdljLLl/XEE2pWck=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370258.569633,VS0,VE0
etag: "38f4d68378bfe3989db669dc9385b7c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 7940

GET
H2 200 metrics-aggregate.c2ad263a-1.232.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 233ms
232ms Script
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js

Requested by

Host: userhamrah.m317.sbs
URL: https://userhamrah.m317.sbs/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding: gzip
via: 1.1 varnish
date: Thu, 18 May 2023 00:37:37 GMT
strict-transport-security: max-age=300
x-amz-request-id: T41XBED3QCDQ23HS
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1663
x-amz-id-2: q5mSJXT/kYEyCYebrkUbYUgpfAyNr1+JBw9+qL2yG6Ao2PaA3rVgAHMtSo1QYHuQmBLaNl+XkjM=
x-served-by: cache-gig2250073-GIG
last-modified: Mon, 08 May 2023 21:20:25 GMT
server: AmazonS3
x-timer: S1684370258.569614,VS0,VE0
etag: "581d99ebc34c05e0a160a0c4a848cae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9779

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
364 B 425ms
103ms XHR
text/plain 3.210.244.29
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/3747760300.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.244.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-244-29.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://userhamrah.m317.sbs/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 18 May 2023 00:37:37 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://userhamrah.m317.sbs
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: ca992b20-c019-4e7b-8107-74de8fef8055

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 36ms
35ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625465517575530&ev=Microdata&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&rl=&if=false&ts=1684370257673&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Union%20of%20Concerned%20Scientists%22%2C%22meta%3Adescription%22%3A%22The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%2C%20independent%20science%20to%20work%20to%20solve%20our%20planet%27s%20most%20pressing%20problems.%20Joining%20with%20people%20across%20the%20country%2C%20we%20combine%20technical%20analysis%20and%20effective%20advocacy%20to%20create%20innovative%2C%20practical%20solutions%20for%20a%20healthy%2C%20safe%2C%20and%20sustainable%20future.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Union%20of%20Concerned%20Scientists%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.ucsusa.org%2Fnode%2F1%22%2C%22og%3Atitle%22%3A%22Union%20of%20Concerned%20Scientists%22%2C%22og%3Adescription%22%3A%22The%20Union%20of%20Concerned%20Scientists%20puts%20rigorous%2C%20independent%20science%20to%20work%20to%20solve%20our%20planet%27s%20most%20pressing%20problems.%20Joining%20with%20people%20across%20the%20country%2C%20we%20combine%20technical%20analysis%20and%20effective%20advocacy%20to%20create%20innovative%2C%20practical%20solut%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.ucsusa.org%2Fthemes%2Fcustom%2Fucstheme%2Fassets%2Fsocial-logo.png%22%2C%22og%3Aimage%3Aalt%22%3A%22The%20Union%20of%20Concerned%20Scientists%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684370257168.75475398&it=1684370257019&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 May 2023 00:37:37 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK 7559782580 Show response
bam.nr-data.net/1/ 49 B
528 B 754ms
649ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/7559782580?a=293798185&v=1.232.0&to=MVMAZEIAX0sEWhVZWAgZI1NECF5WSkkAV1I5VQNTWAQ%3D&rst=3277&ck=0&s=0&ref=https://userhamrah.m317.sbs/&ap=12&be=573&fe=1454&dc=834&perf=%7B%22timing%22:%7B%22of%22:1684370254418,%22n%22:0,%22dn%22:1,%22dne%22:10,%22c%22:10,%22s%22:47,%22ce%22:88,%22rq%22:88,%22rp%22:573,%22rpe%22:756,%22di%22:758,%22ds%22:1407,%22de%22:1407,%22dc%22:2018,%22l%22:2019,%22le%22:2027%7D,%22navigation%22:%7B%7D%7D&fp=1512&fcp=1512&at=HRQDEgoaTEU%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Thu, 18 May 2023 00:37:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
CF-Ray: 7c90085f5d0db966-AMS

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
29ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VB9DKE4V36&gtm=45je35a0&_p=647778461&cid=409193090.1684370257&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684370256&sct=1&seg=0&dl=https%3A%2F%2Fuserhamrah.m317.sbs%2F&dt=Union%20of%20Concerned%20Scientists&en=scroll&ep.BlogTopic=Climate%20Impacts%20Science%20Disinformation%20Climate%2BSolutions%20Energy%20Renewables%20Fossil%2BFuels%20Nuclear%2BPower%20Energy%2BSolutions%20Food%20Health%20Justice%20Sustainable%2BAgriculture%20Food%2BSolutions%20Nuclear%2BWeapons%20US%2BWeapons%20Global%2BIssues%20Missile%2BDefense%20Nuclear%2BSolutions%20Transportation%20Technology%2B%26%2BInnovation%20Oil%20Transportation%2BSolutions%20Science%2B%26%2BDemocracy%20Scientific%2BIntegrity%20Evidence-based%2BPolicy%20Democracy%2B%26%2BJustice&ep.PageType=page&ep.Campaigns=&ep.Programs=&epn.percent_scrolled=25&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VB9DKE4V36&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://userhamrah.m317.sbs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 May 2023 00:37:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://userhamrah.m317.sbs
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.m317.sbs/	1970-01-20 16:12:02	Name: optimizelyEndUserId Value: oeu1684370256495r0.6841812974386634
.m317.sbs/	1970-01-20 14:02:26	Name: _gcl_au Value: 1.1.684608812.1684370257
.m317.sbs/	1970-01-20 21:28:50	Name: _ga_VB9DKE4V36 Value: GS1.1.1684370256.1.0.1684370256.0.0.0
.m317.sbs/	1970-01-20 21:28:50	Name: _ga Value: GA1.2.409193090.1684370257
.m317.sbs/	1970-01-20 11:54:16	Name: _gid Value: GA1.2.1771424647.1684370257
.m317.sbs/	1970-01-20 11:52:50	Name: _gat Value: 1
.m317.sbs/	1970-01-20 11:52:50	Name: _gat_UA-6648639-1 Value: 1
.userhamrah.m317.sbs/	1970-01-20 21:28:50	Name: _ga Value: GA1.3.409193090.1684370257
.userhamrah.m317.sbs/	1970-01-20 11:54:16	Name: _gid Value: GA1.3.1771424647.1684370257
.quantserve.com/	1970-01-20 21:23:04	Name: mc Value: 64657351-22189-0128f-bb731
.m317.sbs/	1970-01-20 21:17:19	Name: __qca Value: P0-210298699-1684370256979
.m317.sbs/	1970-01-20 14:02:26	Name: _fbp Value: fb.1.1684370257168.75475398
.rfihub.com/	1970-01-20 21:14:26	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjU3MTA0MzC2MBbiM9S1KExKDDQMLwyNiE8DAAd4vgYlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjU3MTA0MzC2MBbiM9S1KExKDDQMLwyNiE8DAAd4vgYlAAAA
.everyaction.com/	1970-01-20 20:38:19	Name: visid_incap_823975 Value: ocqmWaOqRIOAn2MnXJm43lBzZWQAAAAAQUIPAAAAAADcSeL73EdRu4PYg+XnJGJy
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: wbycJcg+WRF3cLs7xwoUeQAAAADf8Nz9KZBpLBxFkOAH0hKa
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_281_823975 Value: 83R8JWydcw2Rgf1Mk1DmA1FzZWQAAAAA0fyqI5LvYF4w452SyNTJWA==
.adnxs.com/	1970-01-20 14:02:26	Name: uuid2 Value: 4663653183223270797
.pubmatic.com/	1970-01-20 14:02:26	Name: KRTBCOOKIE_18 Value: 22947-5133329525740160383
.pubmatic.com/	1970-01-20 12:36:02	Name: PugT Value: 1684370256
.yahoo.com/	1970-01-20 20:38:47	Name: A3 Value: d=AQABBFFzZWQCENgzrxLnUdZD9pt2Aq2_5eYFEgEBAQHEZmRvZO2PzSMA_eMAAA&S=AQAAAnVxXwoAt-7QPm03HR8PUzs
.media.net/	1970-01-20 20:38:26	Name: visitor-id Value: 3273718570157929000V10
.media.net/	1970-01-20 20:36:59	Name: data-rk Value: 5133329525740160383~~3
.casalemedia.com/	1970-01-20 20:38:26	Name: CMID Value: ZGVzUQPxYozf8cXCw6dspQAA
.casalemedia.com/	1970-01-20 14:02:26	Name: CMPS Value: 1174
.casalemedia.com/	1970-01-20 14:02:26	Name: CMPRO Value: 1174
.adnxs.com/	1970-01-20 14:02:26	Name: anj Value: dTM7k!M4/YErk#WF']wIg2GVOr0<*G!]tbPl1MNu::wpAk`W>$ka#=sjF%1ue8)fHcyCQ.n<Z+FQvOCr!_6-zQEVk`!'RG1KqVlI
.demdex.net/	1970-01-20 16:12:02	Name: demdex Value: 46576765912981341021213147140284290475
.doubleclick.net/	1970-01-20 21:14:26	Name: IDE Value: AHWqTUl3e3DxVDtM-DwRFhkNSwuUvRfRz1kLTL2HoN1ZoU9KGk9tHPNQ1AoTsETKM_8
.dpm.demdex.net/	1970-01-20 16:12:02	Name: dpm Value: 46576765912981341021213147140284290475
.rezync.com/	1970-01-20 16:12:02	Name: zync-uuid Value: d665f7d3-c618-46f0-9edd-36fe10fd93b1:1684370257.3744566
live.rezync.com/	1970-01-20 16:12:02	Name: sd-session-id Value: .eJwNzEsOwjAMANG7eN2guE6cz2UqqB0pggbUlA1V706WIz3NCctH9-3etB2Qj_2rE6yvOqpDPqHX36ZPyOCRiObkZx-cRbYUCa4JuvZe322pMoww-xKEzMoYjeNiTVIRQ1wUbZFED8zI0VGw43Oj4JxnhusPtZsl1g.ZGVzUQ.ocK52TSagZAsm31tNmr9N-V5bNQ
.eyeota.net/	1970-01-20 11:52:50	Name: SERVERID Value: 18767~DM
.spotxchange.com/	1970-01-20 12:33:09	Name: audience Value: 302cb850-f514-11ed-a8e6-1bce7de30406
.krxd.net/	1970-01-20 16:12:02	Name: _kuid_ Value: Pj48m__3
.bidswitch.net/	1970-01-20 20:38:26	Name: tuuid Value: 08b15b04-cb03-4696-921b-07b6a211f257
.bidswitch.net/	1970-01-20 20:38:26	Name: c Value: 1684370257
.bidswitch.net/	1970-01-20 20:38:26	Name: tuuid_lu Value: 1684370257
.rlcdn.com/	1970-01-20 13:19:14	Name: pxrc Value: CNHmlaMGEgYItuoBEAASBgi66gEQAA==
.rlcdn.com/	1970-01-20 20:38:26	Name: rlas3 Value: /hGHJWyTnncsOKOXUHJeGC9bEJSzN9qnCvOhz68ja8I=
.everesttech.net/	1970-01-20 20:38:26	Name: everest_g_v2 Value: g_surferid~ZGVzUgAK5ff7ZgBa
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129c_1iDCJ9Ak2rMworiiJyEj2y7JMLl7FKBDlHlYVmu7obZqWZh6V7pTYxGKeYmZmmmaeYqybbGZooWtilmaga5makqJrbJaWamiQlmJpnGRoZWhmYWJsbmBkaq5nbG5iYmpmBgDKM3a4awAAAA
.rfihub.com/	1970-01-20 21:14:26	Name: eud Value: H4sIAAAAAAAA_13PsQ4BQRAG4BDXEInkWq9wsmN3Z-50iJAQEkLQcWuJREWBx1BeeaXySo_gEZRKj6BSupvyS_75_0yxCu1mZ9IZHXpztRhM4LI7nk_zXTjcB-FxXAb0lSRR16QBo1zK4IuE-cH8ZP4wf5lv-awj5pj5zpwwP3i-kPUrbSkodirL7uw63Tb72lpabluru_OP-FpS4rCJEnvBJYOoLRnphQi-p9AKL9gY40m0GxDWBHINjf9RTZJSGjFyU00kIc66_nazSz9cEgTrugEAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cloud.typography.com/6045052/6787212/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://api.myngp.com/v2/Forms/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)
network	error	URL: https://api.myngp.com/v2/Forms/ Message: Failed to load resource: the server responded with a status of 401 (Unauthorized)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20802620p.rfihub.com
8188095.fls.doubleclick.net
a.rfihub.com
a3747760300.cdn.optimizely.com
aa.agkn.com
actions.everyaction.com
adservice.google.com
adservice.google.nl
api.myngp.com
bam.nr-data.net
beacon.krxd.net
blog.ucsusa.org
bpi.rtactivate.com
c1.rfihub.net
cdn.optimizely.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
d1aqhv4sn5kxtx.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
js-agent.newrelic.com
js.verygoodvault.com
live.rezync.com
logx.optimizely.com
p.rfihub.com
partners.tremorhub.com
pixel.quantserve.com
profile.ngpvan.com
ps.eyeota.net
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
secure.quantserve.com
sp.analytics.yahoo.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
userhamrah.m317.sbs
www.facebook.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
108.138.24.73
151.101.2.49
151.101.66.137
156.255.1.213
162.247.241.14
172.217.16.198
172.217.18.2
18.66.147.109
185.64.189.110
185.80.39.216
185.89.211.116
185.94.180.125
193.0.160.130
2.18.235.93
2001:4860:4802:34::36
212.82.100.181
23.45.238.216
23.56.201.9
2600:1f18:612b:4264:ac2c:d4a2:4da7:d98e
2600:9000:214f:b000:1:76cf:fe80:93a1
2600:9000:223c:f200:6:44e3:f8c0:93a1
2606:4700:20::681a:897
2606:4700::6810:3865
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1288:80:807::1
2a00:1450:4001:801::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:400c:c07::9a
2a02:26f0:7100:88c::13b8
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.124.210.204
3.125.70.222
3.210.10.159
3.210.244.29
3.77.86.163
34.98.64.218
35.244.174.68
45.60.33.183
52.19.14.35
54.76.219.151
65.9.66.36
69.192.160.219
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0b7b221774406991cf17e64a146fcff4f72917fd6f419548b20bd181b401ae6b
0d5fbc59d1c6b0cf5ca0d7a142b455affa6d15d5028a9984edd19c5190adb485
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec45914c13e311627ae298eb466c4ef758502d6857d3eb4248df3af1a2cf89b
11ee2c738980281cf15bfbba67ceb55971508fc3bf90b3b4d0de554667672b5e
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
165f27e26c00198cf6f796c66de6848c00c8dfee313226ac5c07a3c27fbdb589
1b9b5e8a6fb57607ebdd4b073b5fd2f34b3402c40b3311150f476e0e673e6290
1e7722dbc7435fdad6ba27255cecfd77c51287783577c1d50916fb0680ba667c
236dd3140b132b83d4da08115b1e661e7b13502e48713b9d27dcb56b5c3dc168
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
33842c707a09d4ec8684c8e9ab48bd9913820bd0241fac611100088dcf219070
376f385f0c96c85305f4d4af2afe0de3624baadd258fcefbbd7bc0a474ac5580
3cfc88481c30f6f09d410abf88d811339cb1f357fa145f913f15eccd355ccba6
3fa1252fe6a6fa6cb1f641f705da70b4fa944f884989d18bd5a0d9844ed6e9d3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
62c83cedb7102c62f5eb050931ed8655805fbae9df69b9e06dd027d86423b281
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cac852da7593b529900229c807602582838bc7181630a236e400ffe64da3026
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b344649c53934d76b1cd898ec9f1b5529b5160a6829ef1f9d00807695f3fd10
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
906ac16902dac08f4d80678a6ddb9df9fed619cea0862bc09be37b19cd10c209
910044c5dc75c617b619648d9a3e85765c9499c940b804174d1dd7b6b3111afa
97bc986a15c01e352eab35983e6c9b96e5688ac3e74eaf86eb921e73c8ab4154
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a21e4e1bb49a64c0518b9bde36cb6ddbffb7f5970feb3d3db0c06725a27eaf4d
abd1a0192e37997bb26aad952d9c36e83f10eded1eb5cdc1b4edccf97779f68e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba28457aec8e96bda721a20af6fd36d57940c7607597f0caadd72e6c08615f88
bd7eaf806759e1cd5b0b6ef70c2bfd9c7f290a60c5b5101f36e8071fa2f6bc0a
c1beb8ffeca0730f92a05d5ba3f6a3b9fd91677900720a1b07b39fc40892ca94
c4ddb801172cf12c64e868a304e9817ad155e44b5f1fa43cbfe4a039a9075627
c7af6e514da816317655fb9d54ecb3ae1c7202aa033ff4c762b213aecf72a3da
c9125d0d2e070910a02fac4e2d945e32a8bb50d623d2dd6814b4131218249e13
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cfc31abb2830798245f222a9714314360301c224276f4cfe4901ff7ee95d7e2d
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d72fa63db092da3eba2b12df375f4c361ebf7a970da38f87d1cc63315d309e29
db6e7498fc02ff3dc7d9a7252033bdde67826f0f2ac6bfa55258a60b4c1f11f4
dc354b0e6500bfe40f2e5ed1b7e36d9ac888ea8a2d87feb871c8433994779488
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e608ef74bfd1678cc56ede8cab68ff9996291d8fb44c743c2f0ebfd336d86eb5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f81180e125f7af4b3ca592e806dbd38620087206f66ac80ba4f5db63cb869081
fbf6551365a68fb0f30f501b8229ff1533ae6aec3f5f74ba029e472377009fe0
ff2bedc78e062fb0474713bb222e6ae59110dabab3d2996ed5f42fc6f237de22

userhamrah.m317.sbs Open in urlscan Pro 156.255.1.213 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

90 %HTTPS

40 %IPv6

42 Domains

53 Subdomains

45 IPs

7 Countries

2303 kBTransfer

4365 kBSize

43 Cookies

37 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

userhamrah.m317.sbs Open in urlscan Pro
156.255.1.213 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

90 %
HTTPS

40 %
IPv6

42
Domains

53
Subdomains

45
IPs

7
Countries

2303 kB
Transfer

4365 kB
Size

43
Cookies

92 HTTP transactions
0 data transactions