www.recover-from-grief.com Open in urlscan Pro
52.47.187.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cdn-0.recover-from-grief.com/
Effective URL:
https://www.recover-from-grief.com/
Submission: On February 24 via automatic, source certstream-suspicious (February 24th 2021, 12:57:21 pm UTC)

Summary HTTP 101 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 15 domains to perform 101 HTTP transactions. The main IP is 52.47.187.175, located in Paris, France and belongs to AMAZON-02, US. The main domain is www.recover-from-grief.com.
TLS certificate: Issued by R3 on February 1st 2021. Valid for: 3 months.

This is the only time www.recover-from-grief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 44	52.47.187.175 52.47.187.175	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3034::6815:3d31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:be00:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	3.126.196.163 3.126.196.163	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
1 3	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:6a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
101	22

44 52.47.187.175 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com

cdn-0.recover-from-grief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.recover-from-grief.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:3d31 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:be00:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.196.163 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	recover-from-grief.com 1 redirects cdn-0.recover-from-grief.com www.recover-from-grief.com	261 KB
20	googlesyndication.com bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	116 KB
9	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	152 KB
7	google.com 1 redirects adservice.google.com www.google.com	2 KB
5	ezoic.net go.ezoic.net g.ezoic.net	4 KB
4	google.nl adservice.google.nl	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	googletagservices.com www.googletagservices.com	61 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	quantcount.com rules.quantcount.com	347 B
1	googleapis.com fonts.googleapis.com	764 B
1	googletagmanager.com www.googletagmanager.com	39 KB
1	ezodn.com go.ezodn.com	54 KB
101	15

	Domain	Requested by
43	www.recover-from-grief.com	www.recover-from-grief.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.recover-from-grief.com bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	www.recover-from-grief.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	adservice.google.com	www.recover-from-grief.com securepubads.g.doubleclick.net
4	adservice.google.nl	securepubads.g.doubleclick.net
3	sb.scorecardresearch.com	1 redirects go.ezoic.net
3	g.ezoic.net	www.recover-from-grief.com
2	fonts.gstatic.com	fonts.googleapis.com
2	googleads.g.doubleclick.net	bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
2	www.google.com	1 redirects bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
2	www.googletagservices.com	securepubads.g.doubleclick.net bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	go.ezoic.net	www.recover-from-grief.com
1	pixel.quantserve.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	go.ezoic.net
1	fonts.googleapis.com	tpc.googlesyndication.com
1	www.googletagmanager.com	www.recover-from-grief.com
1	go.ezodn.com	www.recover-from-grief.com
1	cdn-0.recover-from-grief.com	1 redirects
101	22

This site contains links to these domains. Also see Links.

Domain
silktide.com
www.ezoic.com

Subject Issuer	Validity	Valid
recover-from-grief.com R3	`2021-02-01` - `2021-05-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
ezoic.net R3	`2021-01-23` - `2021-04-23`	3 months	crt.sh
*.google.nl GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.recover-from-grief.com/
Frame ID: 1A661A8F9B7199212CEFDCEEC56FF520
Requests: 81 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6CA07F2B69C221DEE9B7B08E98ADDF4E
Requests: 2 HTTP requests in this frame

Frame: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: EC895AE8272C739404202406977A0B55
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html
Frame ID: 2CE11DAB6141821563164EB3E3475192
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D8640322FF67E87804BDC5CB1EEEC7B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cdn-0.recover-from-grief.com/ HTTP 301
https://www.recover-from-grief.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

101
Requests

100 %
HTTPS

82 %
IPv6

15
Domains

22
Subdomains

22
IPs

3
Countries

746 kB
Transfer

1995 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://silktide.com/cookieconsent
Title: Cookie Consent plugin for the EU cookie law

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cdn-0.recover-from-grief.com/ HTTP 301
https://www.recover-from-grief.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 100

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20Grief&c7=https%3A%2F%2Fwww.recover-from-grief.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20Grief&c7=https%3A%2F%2Fwww.recover-from-grief.com%2F&c9=&cs_ak_ss=1

101 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.recover-from-grief.com/
Redirect Chain

https://cdn-0.recover-from-grief.com/
https://www.recover-from-grief.com/

159 KB
37 KB

981ms
980ms

Document
text/html

52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 809b33913d4c67c6491bd1e55450d56ad82697d552146910dd943199afde766c

Request headers

:method: GET
:authority: www.recover-from-grief.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 24 Feb 2021 12:56:57 GMT
display: pub_site_sol
expires: Tue, 23 Feb 2021 12:56:57 GMT
link: <https://www.recover-from-grief.com/wp-json/>; rel="https://api.w.org/", <https://www.recover-from-grief.com/wp-json/wp/v2/pages/31>; rel="alternate"; type="application/json", <https://www.recover-from-grief.com/>; rel=shortlink
pagespeed: off
response: 200
server: nginx/1.16.0
set-cookie: ezoadgid_243330=-1; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 13:26:56 UTC ezoref_243330=; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 14:56:56 UTC ezoab_243330=mod51; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 14:56:56 UTC active_template::243330=pub_site.1614171416; Path=/; Domain=recover-from-grief.com; Expires=Fri, 26 Feb 2021 12:56:56 UTC ezopvc_243330=1; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 13:26:57 UTC ezepvv=0; Path=/; Domain=recover-from-grief.com; Expires=Thu, 25 Feb 2021 12:56:57 UTC lp_243330=https://www.recover-from-grief.com/; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 14:56:57 UTC ezovid_243330=2117348426; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 13:26:57 UTC ezovuuidtime_243330=1614171417; Path=/; Domain=recover-from-grief.com; Expires=Fri, 26 Feb 2021 12:56:57 UTC ezovuuid_243330=f893b809-3888-4a5c-6839-4f90e63afd70; Path=/; Domain=recover-from-grief.com; Expires=Wed, 24 Feb 2021 13:26:57 UTC ezCMPCCS=true; Path=/; Domain=recover-from-grief.com; Expires=Thu, 24 Feb 2022 12:56:57 GMT
vary: Accept-Encoding Accept-Encoding,User-Agent
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-sol: pub_site

Redirect headers

cache-control: max-age=300, private
content-type: text/plain; charset=utf-8
date: Wed, 24 Feb 2021 12:56:56 GMT
location: https://www.recover-from-grief.com/
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
x-middleton-display: redirect
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
799 B 48ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 184 KB
54 KB 48ms
25ms Script
application/javascript 2606:4700:3034::6815:3d31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=onetag&cb=192-0-10
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:3d31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 882864ecc1f7b894e7c9be9d4286c195157971d1ca1f6dfc3bcd31a7ad56a296

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
age: 150905
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oMNqZPjJJfHtc8la0rl9pWmUD5y%2F%2FbblYC4Voo1mmqFLD6DxGUm90MtS%2FUcdhv2utNQ187GCFT7yDSBFh3FP17Aoqg%2BdnSswwLjLRJk%2FAsM9j0P5v48I%2BAs%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 6269597ecb45c290-FRA
cf-request-id: 0875b6433a0000c2900fa0f000000001

GET
H2 200 boise.js Show response
www.recover-from-grief.com/detroitchicago/ 983 B
466 B 32ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/boise.js?gcb=192-0&cb=1
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 426

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 27ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-161418351-1

Requested by

Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

baffe724fb467e0749a69548845ef1e6804be04f906d5c61a0f5bc57f17a382b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39453
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Feb 2021 12:56:57 GMT

GET
H2 200 cookieconsent.min.js Show response
www.recover-from-grief.com/ezoic/ 4 KB
2 KB 37ms
37ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/ezoic/cookieconsent.min.js
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
etag: "11a4-5bbb86a0a74c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 1707
expires: Thu, 24 Feb 2022 12:56:57 GMT

GET
H2 200 recover-from-grief.png
www.recover-from-grief.com/wp-content/uploads/2020/08/ 8 KB
8 KB 360ms
357ms Image
image/png 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.recover-from-grief.com/wp-content/uploads/2020/08/recover-from-grief.png
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: fe6a48747b4627a73539a30f4c7bc4c966504272596f1ee9f5a1bf59594d759c

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
vary: Accept-Encoding, Origin,Accept-Encoding
content-type: image/png
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
expires: Thu, 24 Feb 2022 12:56:57 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 44ms
6ms Image
image/png 2600:9000:206f:be00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:be00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Feb 2021 02:36:22 GMT
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
x-sol: middleton
age: 296435
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol, staticcontent_sol
content-length: 1181
x-amz-cf-id: qHL-MmNTV-hpdXFZv-ZkQia-3cVA2D4BgHRuiu-Y1oYTy3jbh8uH4w==
last-modified: Fri, 12 Feb 2021 23:32:06 GMT
server: nginx/1.16.0
etag: "49d-5ac9ecc7b5bc0-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-C1
display: staticcontent_sol, staticcontent_sol
expires: Sun, 28 Feb 2021 02:36:22 GMT

GET
H2 200 main.0.10.3.js Show response
www.recover-from-grief.com/wp-content/themes/mediavine-trellis/assets/dist/ 17 KB
6 KB 353ms
351ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/wp-content/themes/mediavine-trellis/assets/dist/main.0.10.3.js?ver=0.10.3
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a405f62e5c218a1571778836d2c593fbfd26caa47cd010c232042b31d0612a98

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
expires: Fri, 26 Mar 2021 12:56:57 GMT

GET
H2 200 augusta.js Show response
www.recover-from-grief.com/detroitchicago/ 1 KB
603 B 36ms
33ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/augusta.js?cb=1
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: bf8921b49510efc41d6ce26a3a5d6bd53d65afc5f7ce3b523bee1571360d3080

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 570

GET
H2 200 ezcl.webp Show response
www.recover-from-grief.com/utilcave_com/inc/ 1 KB
704 B 55ms
52ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
x-sol: middleton
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 605

GET
H2 200 houston.js Show response
www.recover-from-grief.com/detroitchicago/ 3 KB
1 KB 35ms
33ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/houston.js?gcb=0&cb=35
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1153

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
19 KB 89ms
32ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

0778434a92d7cd1e2d947c1350506f89d795201ad1454532f143159a56189597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "793 / 720 of 1000 / last-modified: 1614168750"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19533
x-xss-protection: 0
expires: Wed, 24 Feb 2021 12:56:57 GMT

GET
H2 200 banger.js Show response
www.recover-from-grief.com/porpoiseant/ 48 KB
10 KB 41ms
41ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/banger.js?cb=192-0&bv=6&v=42&PageSpeed=off
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: a08dee47fd97f74ddf2be9978c15331f33ddda2465c8866e64dd238b725e5607

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000, public
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 memphis.js Show response
www.recover-from-grief.com/detroitchicago/ 5 KB
2 KB 32ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1514

GET
H2 200 minneapolis.js Show response
www.recover-from-grief.com/detroitchicago/ 864 B
452 B 32ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/minneapolis.js?gcb=192-0&cb=3
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 419

GET
H2 200 raleigh.js Show response
www.recover-from-grief.com/detroitchicago/ 2 KB
813 B 33ms
33ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/raleigh.js?gcb=192-0&cb=4
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 914b73676b4bf4e69e510938a1753e76280a5e1100de6c74cddb293eba1a00f8

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 780

GET
H2 200 tampa.js Show response
www.recover-from-grief.com/detroitchicago/ 773 B
440 B 32ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/tampa.js?gcb=192-0&cb=3
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 407

GET
H2 200 rochester.js Show response
www.recover-from-grief.com/detroitchicago/ 2 KB
793 B 33ms
32ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/rochester.js?dcb=192-0&cb=2&v=9
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9d09e0a7a1dd10d174fcf8cab650952432c1fd1b65dd811c1ab75fb7b6cb45c0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 760

GET
H2 200 front-page.0afbfa2af4a11eb54cbf19988785aeac.secondary.css
www.recover-from-grief.com/wp-content/mvt-critical/ 15 KB
3 KB 338ms
337ms Stylesheet
text/css 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/wp-content/mvt-critical/front-page.0afbfa2af4a11eb54cbf19988785aeac.secondary.css?ver=5.6.2
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 85a338617662d735d198586a87e29b9389f00db971becfc9ad529a7c3e7b2240

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, orig_site_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
x-sol: orig
content-length: 2931
expires: Fri, 26 Mar 2021 12:56:57 GMT

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
563 B 83ms
27ms Script
text/javascript 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 9b26fc778f470185f7e047d5ba6eec79db1dc6c0a07cb6095748e9d113722031

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
etag: 3c228ff5404bcc5f80d4606b8d90a601
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 276
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
DATA 200
OK truncated
/ 121 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c93d6da600e5d07ddf48abc997bfa3411254b49d793827c228e55b714084e603

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 anchorfix.js Show response
www.recover-from-grief.com/ezoic/ 879 B
452 B 33ms
33ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/ezoic/anchorfix.js?cb=192-0
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
x-robots-tag: noindex, noindex
content-length: 383
expires: Thu, 24 Feb 2022 12:56:57 GMT

GET
H2 200 jellyfish.webp Show response
www.recover-from-grief.com/porpoiseant/ 58 KB
11 KB 80ms
80ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/jellyfish.webp?a=a&cb=192-0&shcb=34
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 cl.gif
www.recover-from-grief.com/detroitchicago/ 43 B
131 B 34ms
32ms Image
image/gif 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.recover-from-grief.com/detroitchicago/cl.gif?pvID=4d9f4cb5-38b5-4530-6cf7-e20bd3429d6d&dID=243330
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 pacoima.js Show response
www.recover-from-grief.com/detroitchicago/ 997 B
334 B 32ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/pacoima.js?gcb=192-0&cb=1
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 4c3557231233b94a35d652b3aeffe5d162eebc926cd102d3dba5ec5923160b8b

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 302

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
54 B 28ms
28ms Script
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 edmonton.webp Show response
www.recover-from-grief.com/detroitchicago/ 14 KB
4 KB 35ms
34ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/edmonton.webp?a=a&cb=192-0&shcb=34
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
cache-control: max-age=31536000
x-robots-tag: noindex
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript

GET
H2 200 vitals.js Show response
www.recover-from-grief.com/tardisrocinante/ 5 KB
2 KB 31ms
31ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/tardisrocinante/vitals.js?gcb=0&cb=3
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1701

GET
H2 200 nmash.js
www.recover-from-grief.com/porpoiseant/ 24 KB
6 KB 34ms
33ms Other
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/nmash.js?v=6
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5946b6bfd1d94700bf85da8e894b66337e8a45dae6b68b9a1aca157c9aa5a7e5

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 09:11:10 GMT
server: nginx/1.16.0
etag: "60dd-5bc116a765692;5bbb86a0a74c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
127 B 32ms
32ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoidW5pdmVyc2FsX3VzZXJfaWQiLCJ2YWwiOiIzYzIyOGZmNTQwNGJjYzVmODBkNDYwNmI4ZDkwYTYwMSJ9XX1d
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:57 UTC

GET
H2 200 imp.gif Show response
www.recover-from-grief.com/detroitchicago/ 43 B
76 B 37ms
36ms XHR
image/gif 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A5%2C%22ad_location_ids%22%3A%225%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A2%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Amsterdam%22%2C%22country%22%3A%22NL%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A1%2C%22domain_id%22%3A243330%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A3%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%224d9f4cb5-38b5-4530-6cf7-e20bd3429d6d%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%221101%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A121094%2C%22response_time_orig%22%3A794%2C%22serverid%22%3A%2213.36.38.238%3A22093%22%2C%22state%22%3A%22NH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%22%2C%22t_epoch%22%3A1614171416%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.recover-from-grief.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1227%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/rochester.js?dcb=192-0&cb=2&v=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H3-Q050 200 pubads_impl_2021021801.js Show response
securepubads.g.doubleclick.net/gpt/ 292 KB
103 KB 75ms
45ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Feb 2021 09:38:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104640
x-xss-protection: 0
expires: Wed, 24 Feb 2021 12:56:57 GMT

GET
H2 200 jquery.js Show response
www.recover-from-grief.com/wp-includes/js/jquery/ 281 KB
78 KB 580ms
579ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/wp-includes/js/jquery/jquery.js?ver=3.5.1
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
expires: Fri, 26 Mar 2021 12:56:57 GMT

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
19 B 30ms
30ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDItMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRkOWY0Y2I1LTM4YjUtNDUzMC02Y2Y3LWUyMGJkMzQyOWQ2ZCIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRkOWY0Y2I1LTM4YjUtNDUzMC02Y2Y3LWUyMGJkMzQyOWQ2ZCIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfV0=
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:57 UTC

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
799 B 49ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
777 B 49ms
34ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 480 B
725 B 266ms
266ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117879301694713&correlator=257449891857273&output=ldjh&impl=fif&eid=21068891%2C31060230&vrg=2021021801&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210224&iu_parts=1254144%2Crecover_from_grief_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=iid6%3D558499%26t%3D134%26d%3D243330%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Drecover_from_grief_com-medrectangle-2-558499%26eb_br%3Dc16fac08e79a971524b1c6834f5caad3%26eba%3D1%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D280%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30&cookie_enabled=1&bc=31&abxe=1&lmt=1614171417&dt=1614171417706&dlt=1614171417374&idt=306&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1101&adks=2131127000&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.recover-from-grief.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1400375936.1614171418&ga_sid=1614171418&ga_hid=475982263&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e125e6fd41d74c4dcca04002424bfa74a1216ad259364b959006b3511771720a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.recover-from-grief.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 72ms
39ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sw.0.10.3.js Show response
www.recover-from-grief.com/wp-content/themes/mediavine-trellis/assets/dist/ 852 B
438 B 339ms
338ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/wp-content/themes/mediavine-trellis/assets/dist/sw.0.10.3.js
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/wp-content/themes/mediavine-trellis/assets/dist/main.0.10.3.js?ver=0.10.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 5bdedc808f721be5a2c9d2a6fd6330e1b18fe3521cd0b0cea198298bd24d88a6

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
content-length: 378
expires: Fri, 26 Mar 2021 12:56:57 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 white-dove-blue-background.jpg.webp
www.recover-from-grief.com/wp-content/uploads/2020/03/ 18 KB
18 KB 445ms
444ms Image
image/webp 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.recover-from-grief.com/wp-content/uploads/2020/03/white-dove-blue-background.jpg.webp
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 73e3d29c09b96578e08f5b04b4cc675e1b5830004b8e015530ac775258098a24

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: image/webp
x-middleton-display: staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
x-sol: pub_site
expires: Thu, 24 Feb 2022 12:56:57 GMT

GET
H2 200 dog-and-girl-walking-through-the-woods.jpg.webp
www.recover-from-grief.com/wp-content/uploads/2020/03/ 61 KB
62 KB 547ms
547ms Image
image/webp 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.recover-from-grief.com/wp-content/uploads/2020/03/dog-and-girl-walking-through-the-woods.jpg.webp
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: ca416cd6f907f5324163d19ffa65d5797503d8cfbe6d67cefeb4756d7add3f21

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: image/webp
x-middleton-display: staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
x-sol: pub_site
expires: Thu, 24 Feb 2022 12:56:57 GMT

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
19 B 31ms
30ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjYwMyJ9XX1d
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:57 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:57 UTC

GET
H2 200 jquery-migrate.min.js Show response
www.recover-from-grief.com/wp-includes/js/jquery/ 11 KB
4 KB 358ms
358ms Script
application/javascript 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=5.6.2
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
response: 200
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
display: staticcontent_sol, staticcontent_sol
vary: Accept-Encoding, Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol, staticcontent_sol
cache-control: max-age=31536000, public
x-middleton-response: 200
content-length: 3998
expires: Fri, 26 Mar 2021 12:56:58 GMT

GET
H2 200 dark-bottom.css
www.recover-from-grief.com/ezoic/styles/ 3 KB
780 B 31ms
31ms Stylesheet
text/css 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/ezoic/styles/dark-bottom.css
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/ezoic/cookieconsent.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: br
last-modified: Fri, 19 Feb 2021 23:00:11 GMT
server: nginx/1.16.0
etag: "bd7-5bbb86a0a74c0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex
content-length: 725

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
42 B 31ms
30ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRkOWY0Y2I1LTM4YjUtNDUzMC02Y2Y3LWUyMGJkMzQyOWQ2ZCIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijk0NiJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMTkyOCJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMjUifSx7Im5hbWUiOiJwZXJmX2ludGVyYWN0aXZlIiwidmFsIjoiNTMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI0MDcifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTIwMCJ9XX1d
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:58 UTC

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
19 B 32ms
32ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIyMDY0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIyMDY0In1dfV0=
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:58 UTC

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
19 B 30ms
30ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZG93bmxpbmsiLCJ2YWwiOiIxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjRkOWY0Y2I1LTM4YjUtNDUzMC02Y2Y3LWUyMGJkMzQyOWQ2ZCIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:56:58 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
19ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021021801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9a977de9a109d3ada623eeac98e347e1420b15e64df54eac3ce4ba5b93b6b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6450
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:56:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 24 Feb 2021 12:56:58 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6CA0 12 KB
5 KB 36ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recover-from-grief.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.recover-from-grief.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 24 Feb 2021 10:32:04 GMT
expires: Thu, 24 Feb 2022 10:32:04 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8694
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CA0 14 KB
6 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LmfE5ZMlM8QjZWyylbaJdeYzodpJKK3mlCt6sCr3jaw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 06:58:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 107915
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6256
x-xss-protection: 0
expires: Wed, 23 Feb 2022 06:58:23 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
40ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021021801&jk=3117879301694713&bg=!0tGl0ZLNAAXB_3NtwTsAKQB2-DxaRLzOJi1WDJqoKcNv2kdVKZSwkFj592_3jHRZxBsbnpLeM8CzAgAAAFFSAAAADWgBBwoAve_G3Lie3nu37s4T5MOkFMd6Xgrc2RmiqA5_38-J-9CyEsHdloIKm4rBVhRcGzNFQOzvNDxgrjqGfl6qFtQw9fSt9ykGDiZdgfFzdkXpovua-9vOgwRG1KqbvOOAIF3pTX0Cpgo6HyC6F6mh59RepW6aQBXQ-4THZ5p-U8CVRCfAipAMmsFYMEi2nc6f-uuIs78t8BbMX_DSnKI2GvC7FbynvpZDKhJ9JUotKFQXXFDG2XCalBnzr46ncy546JkB4jSyvObXIcOoSgj-M2YLQ98eLEZeg40udUvmazjrCjF9roPUD0dMFiXIapLbbC-mYPGPtmx76LIRs-umXo3NQGhFvZMMM--9HKg8HPiqr1wtmlGnE2TSWnoSJHoqRgIZXoxLMMQxn5s79941bbvoE5BFgU8wOZ9BCIgC74KOgxmi1umIkFJgXgCrLRH8BG3sCyiCtJOaFI-vZ8shQNPzkhW2FNreg0BXWsDPfWhw0cpY9jaCvFZqzKub1A_-o-314VPKL5bNVkEgrwDIEeJ4tyeHJByKPUR4IIDySU9Zvt0qaEI5d2fsLu37ESMCZbpvGxvsdzy-eZ2PfHovv8ITcgKQfS_uYZxGrcG8PVcRZQ47L-UkkIGX7wjfKj4A_DNodQhR2BrgEErwJVHnLXPgRYF08v1tMkg1IaSb9XJW6USF4vt5wltQtb01IC4862vOLhbKH_qpzvwWYZ4zoeaDK30C_ZvLRRqegqij27JpjFNq3mqPexom2601lvFZG3-ovWpvq5Czq3I_tOqV2LvsWw4pOECL9ArmoI0cE9RJzznVV_t1ngMB-BsZQyDOSK20F5ktUkDGYV_wWRBfBYTgidAMeaOFVMXDC1EnP7eMNf3UyCdCFnNle5vgejDARxek4jMW

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 12:56:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-161418351-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4183
date: Wed, 24 Feb 2021 11:47:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 24 Feb 2021 13:47:17 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
395 B 46ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=475982263&t=pageview&_s=1&dl=https%3A%2F%2Fwww.recover-from-grief.com%2F&ul=en-us&de=UTF-8&dt=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20Grief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAUABAAAAAC~&jid=1698579729&gjid=825182396&cid=1400375936.1614171418&tid=UA-161418351-1&_gid=72744410.1614171420&_r=1&gtm=2ou2h0&z=255394860

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 12:57:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.recover-from-grief.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 463 B
695 B 254ms
254ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117879301694713&correlator=1017782383006367&output=ldjh&impl=fif&eid=21068891%2C31060230&vrg=2021021801&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210224&iu_parts=1254144%2Crecover_from_grief_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=3&rcs=1&prev_scp=iid6%3D558499%26t%3D134%26d%3D243330%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Drecover_from_grief_com-medrectangle-2-558499%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D140%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C608%26lb%3D280%26reqt%3D1614171421068&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614171421&dt=1614171421073&dlt=1614171417374&idt=306&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1101&adks=2131127000&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.recover-from-grief.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1400375936.1614171418&ga_sid=1614171418&ga_hid=475982263&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c7bc0e00864e0e462b33ebf43638cedef31924b0d8fcc7659bb0a96cd1f2b6db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.recover-from-grief.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 29ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 480 B
433 B 270ms
270ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117879301694713&correlator=691119646052658&output=ldjh&impl=fif&eid=21068891%2C31060230&vrg=2021021801&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210224&iu_parts=1254144%2Crecover_from_grief_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=2&prev_scp=iid6%3D558499%26t%3D134%26d%3D243330%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Drecover_from_grief_com-medrectangle-2-558499%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D70%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C608%2C17%2C19%2C608%26lb%3D140%26reqt%3D1614171421577&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1614171421&dt=1614171421581&dlt=1614171417374&idt=306&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1101&adks=2131127000&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.recover-from-grief.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1400375936.1614171418&ga_sid=1614171418&ga_hid=475982263&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

092c4ea6e80e39d8434b0df92a207f697623e9278455b09c58a7e4be22b0c915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.recover-from-grief.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
146 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
123 B 28ms
27ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.recover-from-grief.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Feb 2021 12:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 83 KB
28 KB 302ms
302ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117879301694713&correlator=2195701894380442&output=ldjh&impl=fif&eid=21068891%2C31060230&vrg=2021021801&ptt=17&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210224&iu_parts=1254144%2Crecover_from_grief_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ris=1&rcs=3&prev_scp=iid6%3D558499%26t%3D134%26d%3D243330%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26a%3D%257C1%257C%26as%3Drevenue%26plat%3D1%26bra%3Dmod51%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Drecover_from_grief_com-medrectangle-2-558499%26eb_br%3D7432360301409ae695ba255f16fbcf06%26eba%3D1%26bv%3D4%26bvm%3D0%26bvr%3D4%26shp%3D1%26ftsn%3D3%26br1%3D20%26br2%3D140%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%252C14%252C28%252C4%252C51%252C0%252C88%252C0%252C71%252C30%252C0%252C31%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C17%2C608%2C17%2C19%2C608%2C17%2C18%2C19%2C608%26lb%3D70%26reqt%3D1614171422083&eri=1&cookie=ID%3D9a5fb80275d7cb87-2222389b95ba00a2%3AT%3D1614171421%3AS%3DALNI_MZr5oWK-uHpt75vx2fahsWmCSPWcA&bc=31&abxe=1&lmt=1614171422&dt=1614171422087&dlt=1614171417374&idt=306&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1101&adks=2131127000&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.recover-from-grief.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=1400375936.1614171418&ga_sid=1614171418&ga_hid=475982263&fws=512&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4f68656ef9dce44466fcc8fb2c944c33ab77c887d3d506e2174a77ddff15529d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyR5JHJgu8CFYXkuwgdgLIItg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10940230164300979537/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPyR5JHJgu8CFYXkuwgdgLIItg&gqi=&layout=/sadbundle/%24csp%253Der3%24/10940230164300979537/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27632
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Wed, 24 Feb 2021 12:57:02 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.recover-from-grief.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 57ms
39ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3117879301694713&r=728x90&w=728&h=90&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 12:57:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EC89 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.recover-from-grief.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.recover-from-grief.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Wed, 24 Feb 2021 12:56:57 GMT
expires: Thu, 24 Feb 2022 12:56:57 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 5
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021801.js?31060230

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997197137185"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28345
x-xss-protection: 0
expires: Wed, 24 Feb 2021 12:57:02 GMT

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
65 B 51ms
51ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjUwMzYifV19XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:02 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:02 UTC

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
19 B 50ms
49ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTg0OTkiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ1bml0IjoiZGl2LWdwdC1hZC1yZWNvdmVyX2Zyb21fZ3JpZWZfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNzQzMjM2MDMwMTQwOWFlNjk1YmEyNTVmMTZmYmNmMDYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1ODQ5OSIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInVuaXQiOiJkaXYtZ3B0LWFkLXJlY292ZXJfZnJvbV9ncmllZl9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA3LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI1NTg0OTkiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ1bml0IjoiZGl2LWdwdC1hZC1yZWNvdmVyX2Zyb21fZ3JpZWZfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTIzLCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:02 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:02 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 85ms
24ms XHR
text/plain 3.126.196.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/porpoiseant/banger.js?cb=192-0&bv=6&v=42&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.196.163 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-196-163.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 24 Feb 2021 12:57:02 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
19 B 51ms
51ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDItMjQifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMyJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiIzIn0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii02MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:02 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:02 UTC

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/ Frame 2CE1 16 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Requested by

Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f557afbeda8b1e4ed904436eefe258c1a64027aee798eb66b6f1fa2eda4b670

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/10940230164300979537/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3766
date: Tue, 23 Feb 2021 10:56:00 GMT
expires: Wed, 23 Feb 2022 10:56:00 GMT
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 93662
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EC89 0
0 60ms
59ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CSfNKHk02YPyKCIXJ7_UPgOWisAu18O-FYbu63ayBDfefwaKbCxABIPT5xiVgkYSThfwXoAHZzaeiA8gBCakCdZmTvjVltD7gAgCoAwHIAwiqBJACT9ABI-81171f4A6iNWpYx_bTw4CATMS7SvvwQ2tZtursvq1Kpv-xlgzHJTh7hVArKLorKxZV8_xS5Klz9Q1YJmFMCXgLtMRJlFAc3prjOEGDDNDWhVkPTCPN7jOYL4vykbewdZUu99zJn1k-0pWBj71CQRBrd56aQNHhgA2QHeXp5mR_mfOY7gygcOwFzyoFTz5OF8cPvOA_LM4NdUHr9n9Rd7OcfSfKc6DKZ1Cp8ESR6EJP-LlPavV9yfqDZvovSMsVZ2KdaYx2wKFarnNC-emIKD1_zTFpjqcv1NyUrc4Y3j4jb7r34fNVcDBiOLFRN9obM2TGw612EE0ePMXZbzo3QTAOZRukMs-ZstTlhkjABLbXp7SSA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAePsthdqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJzkINIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjIzMjU5MDg1NjA5MDk3M4AKA8gLAdgTDLIXGgoYCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=WMKcd0XP6C0&template_id=419&tpd=AGWhJmsC9lUKhreKsOLz6w13xKOC2CYKrdlFlLrl_TOlofQQHA
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/ Frame EC89 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/abg_lite_fy2019.js

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:31:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 17098042556881059079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 12:31:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame EC89 3 KB
2 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/window_focus_fy2019.js

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:32:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1493
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 12:32:09 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EC89 107 KB
33 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613997191106504"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33369
x-xss-protection: 0
expires: Wed, 24 Feb 2021 12:57:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/ Frame EC89 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210222/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:31:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1510
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Mar 2021 12:31:52 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EC89 0
0 13ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQYa1qHo80WP7C2djzaPoxDpJal_QMYFUcvNKzYttFtyPEzPfsAHwQ4nNa0v0ZcZ6h6WwTgETRYeYQpk2f39s7mpE5Dg
Requested by: Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D864 143 B
226 B 8ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl5kKJSjFRfwuo9F8r2F__6xOhD9twON8OFiidX9RbtpPxN2jdbqlP7P-CgbwA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Feb 2021 12:41:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 938
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2CE1 9 KB
3 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 04:49:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 25 Feb 2021 04:49:22 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2CE1 22 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Feb 2021 17:30:56 GMT

GET
H3-Q050 200 d4ceb2f8dae22535edea7d1c9b8d7c2e.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/ Frame 2CE1 75 KB
20 KB 11ms
9ms Script
application/x-javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/d4ceb2f8dae22535edea7d1c9b8d7c2e.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 93662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19666
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Tue, 23 Feb 2021 10:56:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 10:56:00 GMT

GET
DATA 200
OK truncated
/ Frame EC89 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7849be12d71839c235c6f33bd4070a6ade302af67a10655c854e7afe835f311

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 2CE1 4 KB
764 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/d4ceb2f8dae22535edea7d1c9b8d7c2e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36b7dd68cb3209e0d249d41d567f5dc3a65d0ea88f046a4eb641747e3c1b8423

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Feb 2021 12:57:02 GMT
server: ESF
date: Wed, 24 Feb 2021 12:57:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Feb 2021 12:57:02 GMT

GET
H3-Q050 200 42f35c10c2804ffd276b6ac8af17a2b9.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/ Frame 2CE1 31 KB
31 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/42f35c10c2804ffd276b6ac8af17a2b9.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

043646429e3a780813a8fe2c603364d19cbca27ab776eac45b25f5a4481ae974

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 587398
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31309
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Wed, 17 Feb 2021 17:47:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 17:47:04 GMT

GET
H3-Q050 200 e2d48d28bf986915be9b856009af1226.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/ Frame 2CE1 112 B
207 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/e2d48d28bf986915be9b856009af1226.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88543024cf994576b9c2eed89bab1694f2e9d171b850a5bc0ffe332301445442

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 553771
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Thu, 18 Feb 2021 03:07:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Feb 2022 03:07:31 GMT

GET
H3-Q050 200 d34c901db7ca6bae45dd9078e3659201.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/ Frame 2CE1 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/media/d34c901db7ca6bae45dd9078e3659201.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10940230164300979537/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7401f5decc4d7a8f8e4a1ef2770bcd0a3ec028b6e35fa69db36ef3b7dfebb76

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 93662
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3431
x-xss-protection: 0
last-modified: Tue, 26 Jan 2021 08:46:32 GMT
server: sffe
date: Tue, 23 Feb 2021 10:56:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Feb 2022 10:56:00 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D864
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
187 B

14ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
URL: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl5kKJSjFRfwuo9F8r2F__6xOhD9twON8OFiidX9RbtpPxN2jdbqlP7P-CgbwA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Feb 2021 12:57:02 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 24-Feb-2021 13:57:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Feb 2021 12:57:02 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Feb 2021 12:57:02 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2CE1 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 531530
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:12 GMT

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2
fonts.gstatic.com/s/firasans/v10/ Frame 2CE1 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf6Xl7Glw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/css?family=Fira+Sans:500|Roboto:700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:54:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:22:40 GMT
server: sffe
age: 152
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15448
x-xss-protection: 0
expires: Thu, 24 Feb 2022 12:54:30 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EC89 42 B
479 B 73ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwrkeMAzdKa_hMQg084vs7XIiDgPcXM9DnlJzZgnkOjNHepUWOIyxH_dzhJ7yACxLBMw5oL-fVVRX8hRGbhABsTXu2iFxmEJ6FueLxofn_ifItHTuqeO5dtGm9Vg&sai=AMfl-YRspfR-7Hz1ObNgf7gjClBQunjchQgTB-XKgiYEOVPaj7hgkhAMoErxzWadKOeSZji7m_mCOzZAj5GGBkTlpHhpUGiQUF0RHUoiABDyIRVLreBLCHzMA3Yel-KL&sig=Cg0ArKJSzBqLB-48EHq6EAE&cid=CAASF-Roj4isrsbbjD77pTGwmh6pRKuFPfKN&id=osdim&mcvt=1004&p=1095,436,1185,1164&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210222&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2131127000&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614171422411&dlt=12&rpt=110&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 12:57:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
65 B 33ms
32ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:03 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:03 UTC

GET
H2 200 audins.js Show response
go.ezoic.net/detroitchicago/ 821 B
1 KB 6ms
5ms Script
application/javascript 2600:9000:206f:be00:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezoic.net/detroitchicago/audins.js?cb=192-0
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:be00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:51:50 GMT
via: 1.1 a383f82b5d4e98bbd66535c2c4b20c9e.cloudfront.net (CloudFront)
last-modified: Sat, 30 Jan 2021 00:32:46 GMT
server: nginx/1.16.0
age: 1681513
etag: "335-5ba13427a2780;5ba13427a2780-gzip"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-robots-tag: noindex
content-length: 821
x-amz-cf-id: dFAbkrXNNEsKWlNLcpDxb97xQjyylw28-e3Bgq9s_9udVgRI4eCovQ==

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
19 B 31ms
30ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE1NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUwMDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMS0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEyNDUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:03 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:03 UTC

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
19 B 34ms
33ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTA4NyJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTUwMDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMS0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMjAwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI2OTIzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:03 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:03 UTC

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
7ms Script
application/javascript 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=192-0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:03 GMT
content-encoding: gzip
etag: "/D8P7qgiWm3WmfjhiS2eTg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 03 Mar 2021 12:57:03 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 79ms
23ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: go.ezoic.net
URL: https://go.ezoic.net/detroitchicago/audins.js?cb=192-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Feb 2021 12:57:03 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Thu, 25 Feb 2021 12:57:03 GMT

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
347 B 22ms
6ms Script
application/x-javascript 2600:9000:20eb:6a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Feb 2021 17:00:06 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
age: 71818
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: yM0mnb8AKC4zPkA40lZReLLQoeaAWXk1po-Yw17pZh-qVC85eihx5Q==

GET
H2 200 pixel;r=294826613;labels=Domain.recover_from_grief_com%2CDomainId.243330;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.recover-from-grief.com%2F;fpan=1;fpa=P0-114560095-1614171423665;ns=0;ce=1...
pixel.quantserve.com/ 35 B
372 B 10ms
8ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=294826613;labels=Domain.recover_from_grief_com%2CDomainId.243330;rf=0;uht=2;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.recover-from-grief.com%2F;fpan=1;fpa=P0-114560095-1614171423665;ns=0;ce=1;qjs=1;qv=fd8a15ce-20210219171058;cm=;gdpr=0;ref=;d=recover-from-grief.com;je=0;sr=1600x1200x24;dst=1;et=1614171423664;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20G%2Cdescription.Welcome%252C%20my%20friend%252C%20to%20our%20grief%20loss%20recovery%20website%252E%20You%20have%20come%20to%20the%20rig%2Curl.https%3A%2F%2Fwww%252Erecover-from-grief%252Ecom%2Csite_name.Recover%20From%20Grief%2Cupdated_time.2020-03-26T22%3A33%3A28%2B00%3A00%2Cimage.https%3A%2F%2Fwww%252Erecover-from-grief%252Ecom%2Fwp-content%2Fuploads%2F2020%2F03%2Fwhite-dove-blue-ba%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Erecover-from-grief%252Ecom%2Fwp-content%2Fuploads%2F2020%2F03%2Fwhite-dove-blue-ba%2Cimage%3Awidth.800%2Cimage%3Aheight.600%2Cimage%3Aalt.Beautiful%20white%20dove%20in%20the%20sky%2Cimage%3Atype.image%2Fjpeg%2Ctitle.Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%2Ctype.website%2Cimage.https%3A%2F%2Fwww%252Erecover-from-grief%252Ecom%2Fwp-content%2Fuploads%2F2020%2F03%2Fwhite-dove-blue-ba%2Csite_name.Recover%20From%20Grief%2Curl.https%3A%2F%2Fwww%252Erecover-from-grief%252Ecom%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Feb 2021 12:57:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%2...
https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%...

0
528 B

27ms
27ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20Grief&c7=https%3A%2F%2Fwww.recover-from-grief.com%2F&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Feb 2021 12:57:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20015427&ns__t=1614171423692&ns_c=UTF-8&cv=3.5&c8=Grief%20Loss%20Recovery%20-%20Hope%20and%20Health%20Through%20Creative%20Grieving%20-%20Recover%20From%20Grief&c7=https%3A%2F%2Fwww.recover-from-grief.com%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Wed, 24 Feb 2021 12:57:03 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
www.recover-from-grief.com/porpoiseant/ 0
19 B 32ms
32ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjU1ODQ5OSIsImRvbWFpbl9pZCI6IjI0MzMzMCIsInVuaXQiOiJkaXYtZ3B0LWFkLXJlY292ZXJfZnJvbV9ncmllZl9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MTQxNzE0MTYsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6IjRkOWY0Y2I1LTM4YjUtNDUzMC02Y2Y3LWUyMGJkMzQyOWQ2ZCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1MjMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNTU4NDk5IiwiZG9tYWluX2lkIjoiMjQzMzMwIiwidW5pdCI6ImRpdi1ncHQtYWQtcmVjb3Zlcl9mcm9tX2dyaWVmX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYxNDE3MTQxNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNGQ5ZjRjYjUtMzhiNS00NTMwLTZjZjctZTIwYmQzNDI5ZDZkIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzUyMywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:03 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:03 UTC

GET
H2 200 greenoaks.gif Show response
www.recover-from-grief.com/detroitchicago/ 0
65 B 32ms
32ms XHR
text/plain 52.47.187.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.recover-from-grief.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI0ZDlmNGNiNS0zOGI1LTQ1MzAtNmNmNy1lMjBiZDM0MjlkNmQiLCJkb21haW5faWQiOiIyNDMzMzAiLCJ0X2Vwb2NoIjoxNjE0MTcxNDE2LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMSJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIxNzM1MjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19jb3VudCIsInZhbCI6IjIifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjExNDE2MDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjcxMzUifV19XQ==
Requested by: Host: www.recover-from-grief.com
URL: https://www.recover-from-grief.com/detroitchicago/memphis.js?gcb=192-0&cb=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.47.187.175 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-47-187-175.eu-west-3.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.recover-from-grief.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 12:57:05 GMT
server: nginx/1.16.0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Tue, 23 Feb 2021 12:57:05 UTC

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.recover-from-grief.com/	1970-01-20 01:08:27	Name: ezux_lpl_243330 Value: 1614171418595\|4d9f4cb5-38b5-4530-6cf7-e20bd3429d6d\|false

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.recover-from-grief.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=5.6.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
bfec72757b6ba784b491929f16ab8605.safeframe.googlesyndication.com
cdn-0.recover-from-grief.com
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.recover-from-grief.com
142.250.186.162
184.25.115.49
2600:9000:206f:be00:2:cb38:840:93a1
2600:9000:20eb:6a00:6:44e3:f8c0:93a1
2606:4700:3034::6815:3d31
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
3.126.196.163
52.47.187.175
0001e893552b1e9805eaf2cfe9b6867ddb916e2213083d8d1513aa3e2ee2dd78
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
043646429e3a780813a8fe2c603364d19cbca27ab776eac45b25f5a4481ae974
0778434a92d7cd1e2d947c1350506f89d795201ad1454532f143159a56189597
08375cebca0d36f2fa3ec9e027a974146af7161553e4319a418d4cee6b38bed7
092c4ea6e80e39d8434b0df92a207f697623e9278455b09c58a7e4be22b0c915
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f557afbeda8b1e4ed904436eefe258c1a64027aee798eb66b6f1fa2eda4b670
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0
15f0626dd31e3e991a1c21d6304f2e370b92b3c91650de3d7ed8a38f1159a457
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b68431bd479f66f60cca8fef9520547c0f28390680174d8b36c5591085e8393
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
26b4485584314aa0850427462143a6a28b66c982db28deb42766214fad7744c7
2cd6cff81ed30607212a76cf14df956553f17dc9f8024a720e7acb0dd2ec1b78
2da7bd2aa1105b4c8f6e02d99cf67255fa07f3a99e06f001c50267f965bb26d0
2e67c4e5932533c423656cb295b68975e633a1da4928ade6942b7ab02af78dac
326b9524fd6295565871de3f0cbd08993794c17160f1b41183cd329e5a90f021
36b7dd68cb3209e0d249d41d567f5dc3a65d0ea88f046a4eb641747e3c1b8423
41eb9054d5d5527274926b32631be8eb22dd6254f15a4d9d14cfe2688ea4f538
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b897f80be17cf6623b8ecf2101fade714236c5ec74042fbbf9495d4ebf406e3
4c3557231233b94a35d652b3aeffe5d162eebc926cd102d3dba5ec5923160b8b
4f68656ef9dce44466fcc8fb2c944c33ab77c887d3d506e2174a77ddff15529d
5578a62b81f315375d072cfe506fc13813e844f94c910bdb15ce20e1fc3ef50a
5946b6bfd1d94700bf85da8e894b66337e8a45dae6b68b9a1aca157c9aa5a7e5
5bdedc808f721be5a2c9d2a6fd6330e1b18fe3521cd0b0cea198298bd24d88a6
5f7fd5989c12c6559d04ebec24d035a6781b0732ad49ab642a33b8b26cfe0a5b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
73e3d29c09b96578e08f5b04b4cc675e1b5830004b8e015530ac775258098a24
809b33913d4c67c6491bd1e55450d56ad82697d552146910dd943199afde766c
85a338617662d735d198586a87e29b9389f00db971becfc9ad529a7c3e7b2240
86f937a29eaee70aaf9935799a414bea46c62fb136cc0465f63f9d6820cf4982
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
882864ecc1f7b894e7c9be9d4286c195157971d1ca1f6dfc3bcd31a7ad56a296
88543024cf994576b9c2eed89bab1694f2e9d171b850a5bc0ffe332301445442
914b73676b4bf4e69e510938a1753e76280a5e1100de6c74cddb293eba1a00f8
94edf973e9deb80b5eccf17f8f3108eafe15209fe25fe417e8f8962a4d8f48b3
997e1fbf8331c9f3af1ff0ace8c73754cbfce4c143c785b7bc44dbcead23576e
9b26fc778f470185f7e047d5ba6eec79db1dc6c0a07cb6095748e9d113722031
9d09e0a7a1dd10d174fcf8cab650952432c1fd1b65dd811c1ab75fb7b6cb45c0
a08dee47fd97f74ddf2be9978c15331f33ddda2465c8866e64dd238b725e5607
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a405f62e5c218a1571778836d2c593fbfd26caa47cd010c232042b31d0612a98
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b9a977de9a109d3ada623eeac98e347e1420b15e64df54eac3ce4ba5b93b6b1a
baffe724fb467e0749a69548845ef1e6804be04f906d5c61a0f5bc57f17a382b
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bf8921b49510efc41d6ce26a3a5d6bd53d65afc5f7ce3b523bee1571360d3080
c7bc0e00864e0e462b33ebf43638cedef31924b0d8fcc7659bb0a96cd1f2b6db
c80203c7eae413cecc09a4ed0974e31a8538060cddd5bc1f1a5bfa53db672c9e
c93d6da600e5d07ddf48abc997bfa3411254b49d793827c228e55b714084e603
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca416cd6f907f5324163d19ffa65d5797503d8cfbe6d67cefeb4756d7add3f21
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7401f5decc4d7a8f8e4a1ef2770bcd0a3ec028b6e35fa69db36ef3b7dfebb76
d7849be12d71839c235c6f33bd4070a6ade302af67a10655c854e7afe835f311
d98f76f0461187c365efd671a87749384de00b589e87fb30c0486a892769c412
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e125e6fd41d74c4dcca04002424bfa74a1216ad259364b959006b3511771720a
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e707397659a327ca2c365daccf19d3673c313bc9db68c2eb9a10790c5f75dd
f76bf2498cc215bd189c7e15bdd617ef64110566f7701dcf920ad3838301624b
fe6a48747b4627a73539a30f4c7bc4c966504272596f1ee9f5a1bf59594d759c

www.recover-from-grief.com Open in urlscan Pro 52.47.187.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

101 Requests

100 %HTTPS

82 %IPv6

15 Domains

22 Subdomains

22 IPs

3 Countries

746 kBTransfer

1995 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

101 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.recover-from-grief.com Open in urlscan Pro
52.47.187.175 Public Scan

Screenshot
Live screenshot

Full Image

101
Requests

100 %
HTTPS

82 %
IPv6

15
Domains

22
Subdomains

22
IPs

3
Countries

746 kB
Transfer

1995 kB
Size

1
Cookies

101 HTTP transactions
3 data transactions