www.avera.org Open in urlscan Pro
52.162.218.125 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.avera.org/
Effective URL:
https://www.avera.org/
Submission: On November 15 via manual (November 15th 2021, 4:08:17 pm UTC) from US — Scanned from DE

Summary HTTP 140 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 41 domains to perform 140 HTTP transactions. The main IP is 52.162.218.125, located in Chicago, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.avera.org.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on January 16th 2020. Valid for: 2 years.

This is the only time www.avera.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 59	52.162.218.125 52.162.218.125	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3031::ac43:91b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.98.29 143.204.98.29	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:215... 2600:9000:2156:9400:12:de4a:40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:215... 2600:9000:2156:2600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	143.204.98.39 143.204.98.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2 6	198.8.71.129 198.8.71.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	143.204.98.44 143.204.98.44	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.69 143.204.98.69	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.43 143.204.98.43	16509 (AMAZON-02) (AMAZON-02)
3	34.255.166.68 34.255.166.68	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.214.44.171 52.214.44.171	16509 (AMAZON-02) (AMAZON-02)
1 2	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.93.158.246 54.93.158.246	16509 (AMAZON-02) (AMAZON-02)
1 1	143.204.98.76 143.204.98.76	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.21.225.74 23.21.225.74	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4200:787a:99c3:22c2:11ca	14618 (AMAZON-AES) (AMAZON-AES)
1	3.125.86.125 3.125.86.125	16509 (AMAZON-02) (AMAZON-02)
1	52.17.218.77 52.17.218.77	16509 (AMAZON-02) (AMAZON-02)
1 2	18.192.203.176 18.192.203.176	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	52.202.69.186 52.202.69.186	14618 (AMAZON-AES) (AMAZON-AES)
140	45

59 52.162.218.125 (Chicago, United States) 7 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.avera.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b0 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-29.fra50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:9400:12:de4a:40:93a1 (United States)

ASN16509 (AMAZON-02, US)

30531.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-39.fra50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.8.71.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20770730p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-44.fra50.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-69.fra50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-43.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.255.166.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.44.171 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.210.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.158.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-158-246.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.76 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-76.fra50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.225.74 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-225-74.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:787a:99c3:22c2:11ca (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.86.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-86-125.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.218.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-218-77.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.203.176 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.69.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: pi0-lba1-1-ue1.aws.pardot.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	avera.org 7 redirects www.avera.org	1 MB
11	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	71 KB
6	rfihub.com 2 redirects 20770730p.rfihub.com a.rfihub.com p.rfihub.com	8 KB
6	facebook.com www.facebook.com	892 B
6	tctm.co 30531.tctm.co	27 KB
5	addthis.com s7.addthis.com m.addthis.com x.dlx.addthis.com	217 KB
5	fonts.net fast.fonts.net	64 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	3 KB
4	facebook.net connect.facebook.net	288 KB
3	rlcdn.com 1 redirects idsync.rlcdn.com	1013 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	bing.com bat.bing.com	11 KB
3	google-analytics.com www.google-analytics.com	21 KB
2	pardot.com pi.pardot.com	3 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	608 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	eyeota.net 1 redirects ps.eyeota.net	1 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	invocacdn.com solutions.invocacdn.com	41 KB
2	youtube.com www.youtube.com	47 KB
2	google.de www.google.de	530 B
2	google.com www.google.com	530 B
2	googletagmanager.com www.googletagmanager.com	119 KB
1	krxd.net beacon.krxd.net	338 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	786 B
1	serving-sys.com bs.serving-sys.com	105 B
1	media.net contextual.media.net	614 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	676 B
1	hotjar.io vc.hotjar.io	256 B
1	addthisedge.com v1.addthisedge.com	932 B
1	moatads.com z.moatads.com	1 KB
1	rfihub.net c1.rfihub.net	6 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	siteimproveanalytics.com siteimproveanalytics.com	854 B
140	41

	Domain	Requested by
59	www.avera.org	7 redirects www.avera.org
6	www.facebook.com	www.avera.org
6	30531.tctm.co	www.googletagmanager.com 30531.tctm.co
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
5	fast.fonts.net	www.avera.org fast.fonts.net
4	p.rfihub.com	2 redirects www.avera.org
4	connect.facebook.net	www.avera.org connect.facebook.net
3	idsync.rlcdn.com	1 redirects www.avera.org
3	tracking.crazyegg.com	script.crazyegg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.avera.org
3	www.google-analytics.com	www.avera.org www.google-analytics.com
3	s7.addthis.com	www.avera.org s7.addthis.com
2	pi.pardot.com	www.avera.org pi.pardot.com
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects www.avera.org
2	sync.search.spotxchange.com	1 redirects www.avera.org
2	dsum-sec.casalemedia.com	1 redirects www.avera.org
2	ps.eyeota.net	1 redirects
2	dpm.demdex.net	1 redirects www.avera.org
2	ib.adnxs.com	1 redirects www.avera.org
2	cm.g.doubleclick.net	2 redirects
2	solutions.invocacdn.com	www.avera.org solutions.invocacdn.com
2	www.youtube.com	www.avera.org www.youtube.com
2	www.google.de	www.avera.org
2	www.google.com	www.avera.org
2	www.googletagmanager.com	www.avera.org
1	beacon.krxd.net	www.avera.org
1	aa.agkn.com	www.avera.org
1	partners.tremorhub.com	www.avera.org
1	x.dlx.addthis.com	www.avera.org
1	bpi.rtactivate.com	www.avera.org
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	www.avera.org
1	contextual.media.net	www.avera.org
1	pixel.rubiconproject.com	www.avera.org
1	stags.bluekai.com	1 redirects
1	a.rfihub.com	www.avera.org
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	vc.hotjar.io	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	20770730p.rfihub.com	c1.rfihub.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	c1.rfihub.net	www.avera.org
1	static.hotjar.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.avera.org
140	52

This site contains links to these domains. Also see Links.

Domain
www.averahealthplans.com
www.facebook.com
twitter.com
www.youtube.com
pinterest.com
www.linkedin.com
www.addthis.com

Subject Issuer	Validity	Valid
www.avera.org DigiCert SHA2 Secure Server CA	`2020-01-16` - `2022-01-15`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.tctm.co Amazon	`2021-10-09` - `2022-11-06`	a year	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
invocacdn.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-10-18` - `2022-04-26`	6 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
pi.pardot.com DigiCert SHA2 Secure Server CA	`2020-12-05` - `2021-12-04`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.avera.org/
Frame ID: FD5EA89A22723E659FD4D7C2A4D403BA
Requests: 118 HTTP requests in this frame

Frame: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=&ra=5206653290233234
Frame ID: 93A61023635FA17E67EEA9CC91E5CD46
Requests: 20 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8D7867ABE801D7A94383FF1ED38E4497
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 8F4338196FB14F7E540850437A25B749
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Frame ID: EDA7DFA90C8B91AA7D38EB3365A0678A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Avera Health FacebookTwitterPrintAddThisFacebookTwitterPrintAddThis

Page URL History Show full URLs

http://www.avera.org/ HTTP 301
https://www.avera.org/ Page URL

Page Statistics

140
Requests

86 %
HTTPS

35 %
IPv6

41
Domains

52
Subdomains

45
IPs

5
Countries

2120 kB
Transfer

4961 kB
Size

55
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.averahealthplans.com/
Title: Find a Health Plan

Search URL Search Domain Scan URL

URL: https://www.facebook.com/AveraHealth/?ref=stream

Search URL Search Domain Scan URL

URL: https://twitter.com/averahealth

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/AveraVideos

Search URL Search Domain Scan URL

URL: http://pinterest.com/averahealth/health-and-wellness/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/avera-health

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.avera.org/ HTTP 301
https://www.avera.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.avera.org/app/files/public/multigenerational-family.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/70733/multigenerational-family.jpg?size=small

Request Chain 30

https://www.avera.org/app/files/public/mother-talking-and-laughing-with-her-kids.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg?size=small

Request Chain 31

https://www.avera.org/app/files/public/illustration-of-nose-breathing-in-words.jpg?size=small HTTP 302
https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg?size=small

Request Chain 83

https://www.avera.org/app/files/public/multigenerational-family.jpg HTTP 302
https://www.avera.org/app/files/public/70733/multigenerational-family.jpg

Request Chain 84

https://www.avera.org/app/files/public/mother-talking-and-laughing-with-her-kids.jpg HTTP 302
https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg

Request Chain 85

https://www.avera.org/app/files/public/illustration-of-nose-breathing-in-words.jpg HTTP 302
https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg

Request Chain 111

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MjAxOTA5MDM4Mzc2ODA2NjY0NA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMPTQupS9yjs4gvud_eHD9E&google_cver=1

Request Chain 112

https://ib.adnxs.com/setuid?entity=18&code=2019090383768066644 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2019090383768066644

Request Chain 113

https://stags.bluekai.com/site/4722?id=2019090383768066644&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

Request Chain 115

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=2019090383768066644&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2019090383768066644&redir=

Request Chain 116

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=2019090383768066644&bid=omt9pi0 HTTP 302
https://ps.eyeota.net/match/bounce/?uid=2019090383768066644&bid=omt9pi0

Request Chain 119

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2019090383768066644&referrer=https%3A%2F%2Fwww.avera.org%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=e4ba202e-9e32-4620-ac31-ef6a4459d13c%3A1636992492.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De4ba202e-9e32-4620-ac31-ef6a4459d13c%253A1636992492.07 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=e4ba202e-9e32-4620-ac31-ef6a4459d13c%3A1636992492.07 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPA0nezFqHr6Q_p0ndtD344&google_cver=1

Request Chain 121

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward=&C=1

Request Chain 124

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2019090383768066644&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2019090383768066644&img=1&__user_check__=1&sync_id=3b7b1598-462e-11ec-823b-19bfd3920506

Request Chain 128

https://x.bidswitch.net/sync?dsp_id=119&user_id=2019090383768066644&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2019090383768066644&expires=30

Request Chain 129

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZKF7AAE0QHjiABG HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YZKF7AAE0QHjiABG&_test=YZKF7AAE0QHjiABG

140 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.avera.org/
Redirect Chain

http://www.avera.org/
https://www.avera.org/

47 KB
18 KB

732ms
501ms

Document
text/html

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 64e894bded170154f1937129a75c6a5779c0351776f7a3f9ab07f641e5eca2bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge,chrome=1
Date: Mon, 15 Nov 2021 16:08:09 GMT
Content-Length: 17696

Redirect headers

Cache-Control: private
Content-Type: text/html
Location: https://www.avera.org/
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-UA-Compatible: IE=Edge,chrome=1
Date: Mon, 15 Nov 2021 16:08:09 GMT
Content-Length: 0

GET
H/1.1 200
OK default.css
www.avera.org/css-min/ 24 KB
8 KB 205ms
116ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/default.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 13:46:57 GMT
Server: Microsoft-IIS/8.5
ETag: "809e5d23a6b3d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7937
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.css
www.avera.org/css-min/ 87 KB
26 KB 326ms
119ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/client.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 44ee91018324f016af8f7c25f91b051dea2f51e7cceff79f86ecdc466c6ce873

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 13:46:57 GMT
Server: Microsoft-IIS/8.5
ETag: "809e5d23a6b3d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 26228
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.css
www.avera.org/css-min/ 285 KB
71 KB 359ms
133ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/avera.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0c64edb11668c9377daf0ea939fbb379020d48fe3b495ae5a42575531f117c45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 13:46:56 GMT
Server: Microsoft-IIS/8.5
ETag: "08c522a6b3d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 71872
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK home.css
www.avera.org/css-min/templates/ 5 KB
2 KB 354ms
129ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/css-min/templates/home.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 739a43fbfb36a63df33ba91392ff26faea351484f86c3c9e4b699bef0e58ef40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 27 Sep 2021 13:47:07 GMT
Server: Microsoft-IIS/8.5
ETag: "807f5329a6b3d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2157
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-1.11.3.min.js Show response
www.avera.org/scripts/ 93 KB
47 KB 365ms
133ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-1.11.3.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:00 GMT
Server: Microsoft-IIS/8.5
ETag: "02c241876b1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 47758
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK jquery-migrate-1.2.1.min.js Show response
www.avera.org/scripts/ 7 KB
4 KB 365ms
132ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/jquery-migrate-1.2.1.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 20:16:56 GMT
Server: Microsoft-IIS/8.5
ETag: "02ced37aad7d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4079
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 150 KB
67 KB 452ms
124ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637159906040000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 20:16:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Tue, 15 Nov 2022 16:00:14 GMT
Cache-Control: public
Content-Length: 68352
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 14 KB
4 KB 471ms
117ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=4UFlqIq8P5vCqX7mGiiCoiYajF5qqMK4eXrfRm20qRSmjebHCDxmFewFviNSce0tRLIuJS8RSusI_V43dzNNKzWIBV23GD5pxiL50mxZJVIHbHBn6SXcLqCdWDlEnf7PywP3dXMjABZgtsUusZ6PuK72JMpSzefIlMJlG4L0vVjzwWdnlHyyW3iTA8hgjj1q0&t=637159906040000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 20:16:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Tue, 15 Nov 2022 16:00:14 GMT
Cache-Control: public
Content-Length: 3308
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
fast.fonts.net/cssapi/ 10 KB
2 KB 507ms
465ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c05a4195d77adbe32ab35386e09ad5ba9aeb4c9fa9ba030d52b5510f0f3a9c5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:10 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-meta-user-agent-id: wfsSFTPtoS3@s-204fa1710a0a4f788
x-amz-request-id: 2XWP8T3EQZBK186R
x-amz-id-2: eitpxZ6xZ/+AYTHPS+34xhW4qtjyQhClyCZACmEBAHKfaPOYIxClfHmIlw5gN3AyVjCthgGHeiY=
x-amz-meta-user-agent: AWSTransfer
last-modified: Thu, 22 Jul 2021 20:44:04 GMT
server: cloudflare
etag: W/"cf7a1b37ef8fc326a169f8ddb55ee5f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 6ae9bc989f52374a-MXP
expires: Mon, 15 Nov 2021 20:08:10 GMT

GET
H/1.1 200
OK owl.carousel.min.css
www.avera.org/scripts/3rdparty/owl.carousel/assets/ 3 KB
2 KB 364ms
132ms Stylesheet
text/css 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/3rdparty/owl.carousel/assets/owl.carousel.min.css
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e7b710346963f80a29dd95dacb89164d4c0572ee6506d5cd67912f2ea4dd4106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:02 GMT
Server: Microsoft-IIS/8.5
ETag: "059551976b1d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 57ms
21ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9663759

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

de57aff4702f7b6d66abdb934f6dd3fa6975721d3538bb98c9d11909599e74d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35971
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Nov 2021 16:08:10 GMT

GET
H/1.1 200
OK avera-logo.png
www.avera.org/imgs/ 8 KB
8 KB 222ms
126ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7774
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-rev-white.png
www.avera.org/imgs/ 6 KB
6 KB 118ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-rev-white.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6225
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-chart.png
www.avera.org/imgs/ 6 KB
7 KB 149ms
120ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-chart.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 6373
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK search-icon2x.png
www.avera.org/imgs/icons/ 2 KB
2 KB 128ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/search-icon2x.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2084
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 23 KB
7 KB 116ms
116ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=jYr4BoKVcrfRFg4D2UDxHtVjNMwp56ezP2GkmXW49ia4Sqv1UQQFNu40QJ-liMfAwKUTPvfvs0bRzz2tA8ruXgf9vDoZm7611lzjWsP0C181&t=637453852754849868
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 01:27:55 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: application/x-javascript
Expires: Tue, 15 Nov 2022 16:00:14 GMT
Cache-Control: public
Content-Length: 6768
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK client.js Show response
www.avera.org/scripts/ 46 KB
19 KB 119ms
118ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/client.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: aaa41afed6ee6e97662066baa136252cb123e1186328764aa7a071ea83fcc813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:00 GMT
Server: Microsoft-IIS/8.5
ETag: "02c241876b1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 18670
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK WebResource.axd Show response
www.avera.org/ 4 KB
1 KB 118ms
116ms Script
text/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/WebResource.axd?d=xOX35DcLGnQUQWyGiY1yPWRICwmw97Rz5mvhBxjeimDlkJbQ6UPJ10mO-dBfvKY9WSY3c6Dxgi_lUKjJpgWIr7yYJFjWU7QMv_O1ThF5DA7oUI65MlcUmSo1v7IrDc2G5kkx361X74lvmaeT3M2pqPl-pYNYZ_Ld0skuvebBwR-L_QX7kzOYJGwXzf0IRQTrHfWqi4lYXsuAENE1yS7plQ2&t=637159906040000000
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 20:16:44 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Vary: Accept-Encoding
Content-Type: text/javascript
Expires: Tue, 15 Nov 2022 16:00:15 GMT
Cache-Control: public
Content-Length: 1137
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 100 KB
36 KB 124ms
121ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=wYUnArtQrNPyvM7wYYZvMGcFuWb0b8YZD_JczWHOCf4UuZLV03v7D4tfOm3isce564hDtb_-Q6O_6cOUra9FC25usqadIzlCK20zlvmVr46qhtRn3cgt57vCzkN6323dPGuVxXrBxMIUw44ClwGUE6xGpsakvlIUkRJRbe6AE_ggG5PF7HZKXZoz7I1BN07i0&t=363be08
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 16:00:15 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 37031
Expires: Tue, 15 Nov 2022 16:00:15 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
www.avera.org/ 39 KB
14 KB 123ms
120ms Script
application/x-javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/ScriptResource.axd?d=MQB67sxauURHKIbBby0IauFkaTI8LOX0bxcsg78R-V4AFsUrZJv3SvekcyqbS6K_7DpmRHlZpNwxWjBj2cFBrePbJlSNtJNsVsCnCFMJzG17vN_I5Rs2KKfAD-oVVqYBJhNuJGNu7ysJvZxNBVNBGsqVCmaTGtJqFrfnXTazPKwVLJ71tf8yJl_3lBK-XDwK0&t=363be08
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 16:00:15 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: application/x-javascript
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
Content-Length: 14430
Expires: Tue, 15 Nov 2022 16:00:15 GMT

GET
H/1.1 200
OK covid-alert-icon.png
www.avera.org/app/files/public/76407/ 2 KB
3 KB 130ms
129ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/76407/covid-alert-icon.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 151fa1cdfdd05a9625e982980ba01431d60a9757304541f488396e441704d10e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Mon, 01 Jun 2020 21:10:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/png
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="covid-alert-icon.png"
Content-Length: 2242
Expires: Mon, 15 Nov 2021 16:13:11 GMT

GET
H/1.1 200
OK Homepage-.jpg
www.avera.org/app/files/public/72701/ 321 KB
321 KB 127ms
126ms Image
image/jpeg 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/72701/Homepage-.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 63fbe6b8cb77afea02ada0177f65349e394841ecec51ec7ba8f2ad24f289b159

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Wed, 15 Sep 2021 20:48:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="Homepage-.jpg"
Content-Length: 328499
Expires: Mon, 15 Nov 2021 16:13:11 GMT

GET
H/1.1 200
OK covid-icon.svg
www.avera.org/imgs/icons/ 9 KB
9 KB 118ms
116ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/covid-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 8848
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK billpay-icon.svg
www.avera.org/imgs/icons/ 5 KB
5 KB 119ms
118ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/billpay-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4772
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK records-icon.svg
www.avera.org/imgs/icons/ 1 KB
2 KB 119ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/records-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1525
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK greeting-icon.svg
www.avera.org/imgs/icons/ 2 KB
2 KB 119ms
119ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/greeting-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2163
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK prayer-icon.svg
www.avera.org/imgs/icons/ 2 KB
3 KB 171ms
117ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/prayer-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2418
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK donate-icon.svg
www.avera.org/imgs/icons/ 2 KB
2 KB 209ms
115ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/donate-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2215
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK employment-icon.svg
www.avera.org/imgs/icons/ 4 KB
4 KB 292ms
123ms Image
image/svg+xml 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/icons/employment-icon.svg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:18 GMT
Server: Microsoft-IIS/8.5
ETag: "07b1bff75b1d71:0"
Content-Type: image/svg+xml
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 4050
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

multigenerational-family.jpg
www.avera.org/app/files/public/70733/
Redirect Chain

https://www.avera.org/app/files/public/multigenerational-family.jpg?size=small
https://www.avera.org/app/files/public/70733/multigenerational-family.jpg?size=small

1 KB
2 KB

124ms
124ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/70733/multigenerational-family.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ce46864cbe9e47322dbc217815d6b98b0447233ad00f8b5a9d0deef25bb35d74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Tue, 25 Apr 2017 23:49:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="multigenerational-family.jpg"
Content-Length: 1532
Expires: Mon, 15 Nov 2021 16:13:11 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/70733/multigenerational-family.jpg?size=small
Cache-Control: private
Content-Length: 180
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

mother-talking-and-laughing-with-her-kids.jpg
www.avera.org/app/files/public/81631/
Redirect Chain

https://www.avera.org/app/files/public/mother-talking-and-laughing-with-her-kids.jpg?size=small
https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg?size=small

1 KB
2 KB

122ms
122ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 22ac6a77e24b2fee1092f8598da0487f44dff8bcf39ddc9bd7831849f2242cb1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Sun, 07 Nov 2021 20:39:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="mother-talking-and-laughing-with-her-kids.jpg"
Content-Length: 1441
Expires: Mon, 15 Nov 2021 16:13:11 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg?size=small
Cache-Control: private
Content-Length: 197
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

illustration-of-nose-breathing-in-words.jpg
www.avera.org/app/files/public/81630/
Redirect Chain

https://www.avera.org/app/files/public/illustration-of-nose-breathing-in-words.jpg?size=small
https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg?size=small

1 KB
1 KB

127ms
127ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg?size=small
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a1cc9892da7a96a086962cb2348bd5afb3e478f0290f3149c60517b9b5e9df48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Sun, 07 Nov 2021 20:39:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="illustration-of-nose-breathing-in-words.jpg"
Content-Length: 1095
Expires: Mon, 15 Nov 2021 16:13:11 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/81630/illustration-of-nose-breathing-in-words.jpg?size=small
Cache-Control: private
Content-Length: 195
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK east-side-dawley-farm-building-rendering-home-page.jpg
www.avera.org/app/files/public/80518/ 64 KB
65 KB 122ms
121ms Image
image/jpeg 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/80518/east-side-dawley-farm-building-rendering-home-page.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0643a2f1b02f1850a0f1ca7318b64253f5e2ab2f1e1cfe25bf96ca4404ff3bba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Thu, 17 Jun 2021 21:33:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="east-side-dawley-farm-building-rendering-home-page.jpg"
Content-Length: 65761
Expires: Mon, 15 Nov 2021 16:13:11 GMT

GET
H/1.1 200
OK avera-tagline.png
www.avera.org/imgs/ 7 KB
7 KB 126ms
125ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-tagline.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ad66d871c32c273cc86469c0aeaee75cc1e972ab0bc1a5ee653ead2793d3d1be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 7050
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK facebook-gray.png
www.avera.org/imgs/ahp/ 797 B
1 KB 116ms
115ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 797
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter-gray.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 118ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2116
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube-gray.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 118ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1569
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest-gray.png
www.avera.org/imgs/ahp/ 2 KB
3 KB 117ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2338
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin-gray.png
www.avera.org/imgs/ahp/ 1 KB
2 KB 118ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin-gray.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1265
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera-logo-reversed.png
www.avera.org/imgs/ 5 KB
6 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/avera-logo-reversed.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 5571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK avera.js Show response
www.avera.org/scripts/ 96 KB
36 KB 124ms
121ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/avera.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c299ab481a066310d433b8df3ee71106eff9502484873d7986aef7e82165563f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:00 GMT
Server: Microsoft-IIS/8.5
ETag: "02c241876b1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 36423
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.avera.org/scripts/3rdparty/owl.carousel/ 42 KB
16 KB 133ms
132ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/3rdparty/owl.carousel/owl.carousel.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: c402ca2a095e6c86fc998b16a04ac1273d6c2744988216489bcbe4ca3c3ef03f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:02 GMT
Server: Microsoft-IIS/8.5
ETag: "059551976b1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 16076
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 131ms
95ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 15 Nov 2021 16:08:11 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 1.css
fast.fonts.net/t/ 0
252 B 56ms
56ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=e7c71b3d-30c4-4a9d-bece-6f5685523b0e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:10 GMT
cf-cache-status: HIT
age: 158206
cf-ray: 6ae9bc9c1f94374a-MXP
content-length: 0
x-amz-id-2: DS1d/jqCyYlqcQKohQ9e/oMGec2314oxR6QRbhPqR8KGxGiirp0R8KNmDk8Dtdf2qDPvgBg3wEA=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: Y0HC8J3J39N67GQ8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
84 KB 86ms
52ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7f8ba697940b824658c63faf52938bd90a54564df2d7cb6da5ae4f52ccc16fb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 85615
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 41ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: UBbvUCfo/p6UUw4T520vLGIJ8CVNLt3eZbALiQCD43tKv51vFb2ErnyeJMcL4z8VD+Ract8MmO6W+LjHG//brQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Nov 2021 16:08:10 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_69057.js Show response
siteimproveanalytics.com/js/ 48 B
854 B 47ms
17ms Script
application/javascript 2606:4700:3031::ac43:91b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_69057.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a5d65b36347afce2d488a4f723a458ff945e1de549804199fd9b29a36ff9061

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 229
cf-ray: 6ae9bc9cdfe3323c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68
x-amz-id-2: elVwcbCI/VVmncLdtCXq3rxBqz3TCJ7PMyP8Tl16VXece3cZ47B+L0HkeebXASTL2a2MIiWYSQg=
last-modified: Tue, 12 Oct 2021 22:13:31 GMT
server: cloudflare
etag: "03c279fd2128abeca98be8664650114d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebrk3jMTuBqxfkTnnW33JOjVKmKWiH4CeylnIG%2FEmg4amOj2q1o6jUW9hm9WvnzV5J8I9L0Ixli4vG1j0O7afMD4J35Tk8WCHuQ4USLmGOBueSEwhjxqh9XPKwfR5M5dtBH40Q0YBWbTbudkY%2FyoL5yG6F9kFjg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: D8KQ66N7DKSV8Z5S
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 4487d7ba-1656-47e3-aaf0-b3a0054fb3b8.woff2
fast.fonts.net/dv2/14/ 20 KB
21 KB 500ms
461ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/4487d7ba-1656-47e3-aaf0-b3a0054fb3b8.woff2?d44f19a684109620e484157aae90e8188a15480d255609476ecf269dee85203a6d3b8b475a83b3b71dc97a35eba3eeff532a102db908028064a297b71d064bb9cf0eeb00d2694dd6bf1e2d5b789092317b6bf8a0105bf97e2f7549f568315068e6d16846d12db6ef25e2a264bdae640dc8dab9ed1dcdef580a45df345c51ca53bbb7b019d910db7651a398&projectId=e7c71b3d-30c4-4a9d-bece-6f5685523b0e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e562d2c60f337377db69a83c54a6d9874840afb10d37c5bb4f0c88ee86df3c94

Request headers

Referer: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Origin: https://www.avera.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 4XS6AQFNEDN02PTP
content-length: 20588
x-amz-id-2: R/Ts4kazi19HqcPnLhZKRPdKWTQac7alAH/IPzufET6UZrOlaAHrgZluXO05i4X3xzrZuSDFDUg=
expires: Mon, 15 Nov 2021 20:08:11 GMT
last-modified: Fri, 13 Nov 2020 10:55:31 GMT
server: cloudflare
etag: "62d077090b738c844db991d3bd911d62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ae9bc9cc8a10f7e-MXP
x-amz-meta-mtime: 1418643055

GET
H2 200 3843099095725111 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 54ms
51ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3843099095725111?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

697094b8700fb026706da89123a6137de4c44645d005c8cc2e9a3a558f0f05b2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 59APm96zxoo+yEfd/s9IjqK9LL3Eej5daPNq8vxG0KLyRg9E0ThYblwNs/3oydK51xFm223XMCnCheyvjusVKQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Nov 2021 16:08:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 425
date: Mon, 15 Nov 2021 16:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Mon, 15 Nov 2021 18:01:06 GMT

GET
H2 200 0056.js Show response
script.crazyegg.com/pages/scripts/0031/ 5 KB
2 KB 87ms
38ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf3e825264ebb9e242fff015420de3ca0de21fccf27c2d6eba56370cf078bdd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2370
cf-polished: origSize=4899
cf-ray: 6ae9bc9d9f0f0e16-MXP
ce-version: 11.1.358
last-modified: Mon, 15 Nov 2021 15:28:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 48ms
24ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 14377
x-xss-protection: 0
server: cafe
etag: 16570183496300854077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 35 KB
10 KB 113ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
last-modified: Wed, 03 Nov 2021 17:40:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D435B446823A492B8EA9006B16C8EA70 Ref B: FRAEDGE1511 Ref C: 2021-11-15T16:08:11Z
etag: "08933ecd9d0d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10202

GET
H2 200 hotjar-1590284.js Show response
static.hotjar.com/c/ 6 KB
3 KB 62ms
41ms Script
application/javascript 143.204.98.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1590284.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-29.fra50.r.cloudfront.net

Software

Resource Hash

507655834b289329f45008a587918c00be13a9eb0c16ea3770b4158c9beec662

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA50-C1
etag: W/cbd55416d45ea0485e231dacb52334ac
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 74zQjgK9FgssRXCshxG-dHhh8oG8f2mhj5DTK3T-AslTaM8MfU8lAw==
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)

GET
H2 200 t.js Show response
30531.tctm.co/ 87 KB
25 KB 92ms
30ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/t.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WJDLK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 612a6d40c5e4e4ef03777d6de03ddeb921a8523630f61284787cb2c74e2d39ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 16:08:11 GMT
server: ctm
x-amz-cf-pop: FRA50-C1
etag: W/619285eb000077431672d26b-30531
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: Um_o0QhoAX-MX2OXPg3AZeeaHDdWNA9ySm2sftAF05H-igogEfoKWg==

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 79ms
19ms Script
application/x-javascript 2600:9000:2156:2600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:02:06 GMT
content-encoding: gzip
last-modified: Mon, 15 Nov 2021 16:01:56 GMT
server: Jetty(9.3.29.v20201019)
age: 365
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: pYxvAZ0jOg_aZibanb3g00eKAEr0X6nCZfAEJ7kedJDyi_C-XSNDCQ==
expires: Mon, 15 Nov 2021 17:02:06 GMT

GET
H2 200 1565260733747379 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1565260733747379?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

802dd68dacc29cfbd673978083e87c9435eaa2dfdae3a3b79b7de4dd838e2c7e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: GcL/2h5mx8YK0IgRuTRG7znEDTM57NkjQwbjScjFvSbL7yF3MLDSiHhQ5JvRDE/1lpqUpPNMVsnuC+sOJLyVMA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Nov 2021 16:08:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3843099095725111&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992491109&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 15:46:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1274
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 15 Nov 2021 16:46:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/ 2 KB
1 KB 50ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1060691714/?random=1636992491139&cv=9&fst=1636992491139&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.avera.org%2F&tiba=Avera%20Health&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb72c106fa2cfc0a55a76bdd035e0ddc5557910b7a58c500354042999e4d523e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 989
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=679043873&t=pageview&_s=1&dl=https%3A%2F%2Fwww.avera.org%2F&ul=en-us&de=UTF-8&dt=Avera%20Health&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBACEAjBAAAAC~&jid=1469653040&gjid=522112290&cid=1968710110.1636992491&tid=UA-2450492-1&_gid=1306597141.1636992491&_r=1&_slc=1&z=2125168694

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.dad547d55d09325865c9.js Show response
script.hotjar.com/ 224 KB
59 KB 38ms
9ms Script
application/javascript 143.204.98.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.dad547d55d09325865c9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1590284.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-39.fra50.r.cloudfront.net

Software

Resource Hash

d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 17:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 427325
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60319
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 17:25:15 GMT
etag: "20ec4d522a02fcf0254cd43ea667f540"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: nxwH0iI_AsAiHF_qnn7FS7Z5nnjvvmvybvhWFpCRd18_qP70NS2EHQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
316 B 61ms
20ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2450492-1&cid=1968710110.1636992491&jid=1469653040&gjid=522112290&_gid=1306597141.1636992491&_u=KGBACEAiBAAAAC~&z=2051493989

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.avera.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 15 Nov 2021 16:08:11 GMT
content-type: text/plain
access-control-allow-origin: https://www.avera.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/data-scripts/0031/ 14 KB
2 KB 79ms
39ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0031/0056.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7975614dca192310108ed2661139f65e203802aaa1794b83de6e9259734d1165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8614
ce-version: 11.1.358
content-length: 1859
timing-allow-origin: *
last-modified: Mon, 15 Nov 2021 13:44:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ae9bc9e1d295a19-MXP

GET
H2 200 p.js Show response
30531.tctm.co/ 73 B
444 B 28ms
28ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/p.js?sid=619285eb000077431672d26b&p=568859.1.605.322.1702,568859.1.888.422.1410,568859.1.605.322.1300,568859.1.507.532.9661,568859.1.507.532.1101&
Requested by: Host: 30531.tctm.co
URL: https://30531.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 3606a08170c0af249c0a413d9d76fdc1058f081086f637a1c21b77edea638fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: pRrDgyaNcM3r3FN9ocuiJ1p7xGayGJ4WqUDWP-6j5pNdYbGEKy3vgA==

GET
H/1.1 200
OK light-pattern.png
www.avera.org/imgs/ 2 KB
2 KB 168ms
119ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/light-pattern.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2194
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK facebook.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/facebook.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2065
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK twitter.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 118ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/twitter.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2049
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK youtube.png
www.avera.org/imgs/ahp/ 3 KB
4 KB 123ms
123ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/youtube.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 3571
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK pinterest.png
www.avera.org/imgs/ahp/ 2 KB
2 KB 117ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/pinterest.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 2270
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK linkedin.png
www.avera.org/imgs/ahp/ 1 KB
1 KB 117ms
117ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/ahp/linkedin.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/avera.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/avera.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1225
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 8a711a0d-3f17-4bfe-887b-6229858332b3.woff2
fast.fonts.net/dv2/14/ 21 KB
22 KB 474ms
473ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/8a711a0d-3f17-4bfe-887b-6229858332b3.woff2?d44f19a684109620e484157aae90e8188a15480d255609476ecf269dee85203a6d3b8b475a83b3b71dc97a35eba3eeff532a102db908028064a297b71d064bb9cf0eeb00d2694dd6bf1e2d5b789092317b6bf8a0105bf97e2f7549f568315068e6d16846d12db6ef25e2a264bdae640dc8dab9ed1dcdef580a45df345c51ca53bbb7b019d910db7651a398&projectId=e7c71b3d-30c4-4a9d-bece-6f5685523b0e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49a06338687e64a40b9489700701d3f767b3f26e7652873f892801ebf7957b53

Request headers

Referer: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Origin: https://www.avera.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
cf-cache-status: REVALIDATED
x-amz-meta-user-agent-id: wfsSFTPtoS3@s-204fa1710a0a4f788
x-amz-request-id: 4XS3WE4CFM06R960
content-length: 21992
x-amz-id-2: xLIw+kTVaiNpDw39wLifb16Cmd2V1K388vlY4kqN4/zYW6m1mbQkWpIU+COx4+Y5gftjG2dIbmw=
x-amz-meta-user-agent: AWSTransfer
last-modified: Sun, 14 Mar 2021 04:08:00 GMT
server: cloudflare
etag: "8c2080e187ba620b46bc84a53eee9763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ae9bc9e3bc10f7e-MXP
expires: Mon, 15 Nov 2021 20:08:11 GMT

GET
H/1.1 200
OK ca.html Show response
20770730p.rfihub.com/ Frame 93A6 3 KB
4 KB 663ms
166ms Document
text/html 198.8.71.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20770730p.rfihub.com/ca.html?ver=9&rb=26159&ca=20770730&_o=26159&_t=20770730&pe=https%3A%2F%2Fwww.avera.org%2F&pf=&ra=5206653290233234
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: d617b276f33ce4fcea65a1d4ed8c33de93f673c201ae047dfbb6736c2b5cb762

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2786
Server: Jetty(9.3.29.v20201019)

GET
H2 200 270296221284406 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/270296221284406?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6400b25becfb035f0788674cc8623d30037c3e128e16fb83e8c144b97726747d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XGDuLaBl0mh1ONXxoLu7zYcFMZK59boGx5+cyiBccCe9wKehqA7uDjg4AcJF3YVhJqdAVWoJeaLlg0HvZTKrlw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 15 Nov 2021 16:08:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992491275&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
376 B 57ms
32ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2450492-1&cid=1968710110.1636992491&jid=1469653040&_u=KGBACEAiBAAAAC~&z=351695843

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
376 B 56ms
31ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-2450492-1&cid=1968710110.1636992491&jid=1469653040&_u=KGBACEAiBAAAAC~&z=351695843

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 36ms
36ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:50 GMT
server: cloudflare
age: 441342
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6ae9bc9eaa000e16-MXP
content-length: 22857

GET
H2 204 13006411.js Show response
bat.bing.com/p/action/ 0
110 B 166ms
166ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/13006411.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 16:08:11 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5CB74947BF11414ABE05872771B46646 Ref B: FRAEDGE1511 Ref C: 2021-11-15T16:08:11Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 68ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26535
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
1 KB 57ms
31ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api?_=1636992490879

Requested by

Host: www.avera.org
URL: https://www.avera.org/scripts/jquery-1.11.3.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 091fe5d9-1aaa-4f3c-9b94-c83bb7c362ab.woff2
fast.fonts.net/dv2/14/ 19 KB
20 KB 467ms
466ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/091fe5d9-1aaa-4f3c-9b94-c83bb7c362ab.woff2?d44f19a684109620e484157aae90e8188a15480d255609476ecf269dee85203a6d3b8b475a83b3b71dc97a35eba3eeff532a102db908028064a297b71d064bb9cf0eeb00d2694dd6bf1e2d5b789092317b6bf8a0105bf97e2f7549f568315068e6d16846d12db6ef25e2a264bdae640dc8dab9ed1dcdef580a45df345c51ca53bbb7b019d910db7651a398&projectId=e7c71b3d-30c4-4a9d-bece-6f5685523b0e
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cc954d435542d3d2ced741ce3ef403909cfc0030acb3921e67c5a1f738e04ce

Request headers

Referer: https://fast.fonts.net/cssapi/e7c71b3d-30c4-4a9d-bece-6f5685523b0e.css
Origin: https://www.avera.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: CKXPWYWP9ECMKR3V
content-length: 19572
x-amz-id-2: YNWladpd+j14HjQZLbZToYNdDCypV9a7yiMWZwGxtjBq8sT6L++DKzSQsNxGixGF90G/7lHHkEc=
expires: Mon, 15 Nov 2021 20:08:11 GMT
last-modified: Fri, 30 Oct 2020 02:06:06 GMT
server: cloudflare
etag: "369918b9dd913abb2b431d3909781d7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6ae9bc9f3db20f7e-MXP
x-amz-meta-mtime: 1418544260

GET
H/1.1 200
OK arrow-up-circle.png
www.avera.org/imgs/ 1 KB
2 KB 116ms
116ms Image
image/png 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/imgs/arrow-up-circle.png
Requested by: Host: www.avera.org
URL: https://www.avera.org/css-min/client.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/css-min/client.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Fri, 24 Sep 2021 18:57:16 GMT
Server: Microsoft-IIS/8.5
ETag: "04eeafd75b1d71:0"
Content-Type: image/png
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 1326
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

multigenerational-family.jpg
www.avera.org/app/files/public/70733/
Redirect Chain

https://www.avera.org/app/files/public/multigenerational-family.jpg
https://www.avera.org/app/files/public/70733/multigenerational-family.jpg

107 KB
107 KB

136ms
136ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/70733/multigenerational-family.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 0176d46fd7eac75189c3ab4484e73eaf6dab271fd92bdbcfa2a4b1b75c058687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Tue, 25 Apr 2017 23:49:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="multigenerational-family.jpg"
Content-Length: 109607
Expires: Mon, 15 Nov 2021 16:13:12 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/70733/multigenerational-family.jpg
Cache-Control: private
Content-Length: 169
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

mother-talking-and-laughing-with-her-kids.jpg
www.avera.org/app/files/public/81631/
Redirect Chain

https://www.avera.org/app/files/public/mother-talking-and-laughing-with-her-kids.jpg
https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg

86 KB
86 KB

130ms
130ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 27cad1b16f56ed89632faae9c33df8e148eccf53c6d8f474c9a074f644721a06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Sun, 07 Nov 2021 20:39:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="mother-talking-and-laughing-with-her-kids.jpg"
Content-Length: 87619
Expires: Mon, 15 Nov 2021 16:13:12 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/81631/mother-talking-and-laughing-with-her-kids.jpg
Cache-Control: private
Content-Length: 186
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1

200
OK

illustration-of-nose-breathing-in-words.jpg
www.avera.org/app/files/public/81630/
Redirect Chain

https://www.avera.org/app/files/public/illustration-of-nose-breathing-in-words.jpg
https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg

37 KB
37 KB

123ms
123ms

Image
image/jpeg

52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.avera.org/app/files/public/81630/illustration-of-nose-breathing-in-words.jpg
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: e4c1b6c7b3089a2c675ce9e4416efd25060f64171038b21566140fbddd7162ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Last-Modified: Sun, 07 Nov 2021 20:39:00 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: image/jpeg
Cache-Control: public
X-UA-Compatible: IE=Edge,chrome=1
content-disposition: inline;filename="illustration-of-nose-breathing-in-words.jpg"
Content-Length: 37514
Expires: Mon, 15 Nov 2021 16:13:12 GMT

Redirect headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Content-Type: text/html; charset=utf-8
Location: /app/files/public/81630/illustration-of-nose-breathing-in-words.jpg
Cache-Control: private
Content-Length: 184
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 p.js Show response
30531.tctm.co/ 73 B
444 B 21ms
21ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/p.js?sid=619285eb000077431672d26b&p=568859.1.605.322.1702,568859.1.888.422.1410,568859.1.605.322.1300,568859.1.507.532.9661,568859.1.507.532.1101&
Requested by: Host: 30531.tctm.co
URL: https://30531.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: 3606a08170c0af249c0a413d9d76fdc1058f081086f637a1c21b77edea638fb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: OoUL5xbEJYAkKIK1VTsvJx5-eS3cbV2CLdmU394RzVv4FXQNt0yt5Q==

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5758661bf07842e6/ 3 KB
932 B 534ms
533ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5758661bf07842e6/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8dbefa80306c9e4696dea4b2ee43e5d540482600435980fe4649cce91dd0ea6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
etag: -2140381299--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 755

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 637ms
636ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=619285ebd3e4621d&bkl=0&bl=1&pdt=1239&sid=619285ebd3e4621d&pub=ra-5758661bf07842e6&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.avera.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1636992491456&jsl=1&uvs=619285eb892edbe4000&skipb=1&callback=addthis.cbs.jsonp__77347377181695580
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1de59702de25541f557e7e6180a277b272c8876abc0eb5f8ca5682fc52aad1cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 8D78 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 8F43 71 KB
26 KB 515ms
515ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Mon, 15 Nov 2021 16:08:11 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 /
www.google.com/pagead/1p-user-list/1060691714/ 42 B
154 B 22ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1060691714/?random=1636992491139&cv=9&fst=1636992000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.avera.org%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=1460531014&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1060691714/ 42 B
154 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1060691714/?random=1636992491139&cv=9&fst=1636992000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&frm=0&url=https%3A%2F%2Fwww.avera.org%2F&tiba=Avera%20Health&async=1&fmt=3&is_vtc=1&random=1460531014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 121 KB
39 KB 59ms
9ms Script
text/javascript 143.204.98.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-44.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 307f35ee8f3c5ffd969359073522b271a428f0890a13153092d74c767fd4aa4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 2VxkoHul4jxC._XWZYi5AB_8EP6DfCUq
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 17:55:44 GMT
server: AmazonS3
age: 3297
etag: W/"b65f1571ab153a84344ee212f579f79e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Mon, 15 Nov 2021 15:13:14 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lCmXOiYBexs5r179C5zNMEbNx8rZ9wHKiEmWx5uoAgCijfCRAf6Rew==

GET
H2 204 0
bat.bing.com/action/ 0
149 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=13006411&tm=gtm002&Ver=2&mid=f6ea1f88-96db-457f-aebb-9ace23e6c79c&sid=3b123960462e11eca60f153375c25ad4&vid=3b1273b0462e11ec956bcddb2b942343&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Avera%20Health&p=https%3A%2F%2Fwww.avera.org%2F&r=&lt=2323&evt=pageLoad&msclkid=N&sv=1&rn=154453
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2468FB4499704EA09A625E5E96677842 Ref B: FRAEDGE1511 Ref C: 2021-11-15T16:08:11Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK slick.js Show response
www.avera.org/scripts/ 42 KB
16 KB 121ms
121ms Script
application/javascript 52.162.218.125
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.avera.org/scripts/slick.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/WebResource.axd?d=omLPgGeJNC_y7GFjEXlaQLIldGYw4Oh0081evCARb1Vx57lXLky5915CjeJ3UaW_3OsKvY-dAw-Dv65cngerRr9kzoF3A21xGotcr16GwuOx7j8jCH8necdHDcHhESMzWiNRu0QOoeV8XdkNYcTbHQ2&t=637159906040000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.162.218.125 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 1c4f99b65f8be969df7f6823a98790064b0613a94bd5c0e701e12472d19765ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Sep 2021 18:58:02 GMT
Server: Microsoft-IIS/8.5
ETag: "059551976b1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=14400
Accept-Ranges: bytes
Content-Length: 15724
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 box-028f986f575e1b13474634857daa6bfc.html Show response
vars.hotjar.com/ Frame EDA7 2 KB
1 KB 36ms
7ms Document
text/html 143.204.98.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1590284.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-69.fra50.r.cloudfront.net
Software: /
Resource Hash: 8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "1502011b9c345a816e17e09cda9762e1"
last-modified: Wed, 20 Oct 2021 10:53:36 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7CSBz1xpmwxwVQEqPuLxk2iqP8begiiLAF20WDq21RhypFUNwwxYVQ==
age: 612177

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270296221284406&ev=PageView&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992491559&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&exp=p0&rqm=GET

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:11 GMT

GET
H2 200 p.js Show response
30531.tctm.co/ 25 B
401 B 33ms
33ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/p.js?sid=619285eb000077431672d26b&p=568859.1.888.422.1410,568859.1.605.322.1300,568859.1.507.532.9661,568859.1.507.532.1101&
Requested by: Host: 30531.tctm.co
URL: https://30531.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: ad17fd2400c3bf05ca0c12eaa5da2129700b8ed033a82e2dc541be7dcdc2e94e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: pnCpuBHF0yQGT65KF8ATOX-iy7FVTFh5qwlM-AqZzzUAk13GfIcS1g==

GET
H2 200 0056.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0031/ 734 B
382 B 34ms
31ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0031/0056.json?t=454720
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b75bb25bdec41c1ab87982d40e7667fe69761d1ac65485c7993ba5854c7bf70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8612
ce-version: 11.1.358
content-length: 290
timing-allow-origin: *
last-modified: Mon, 15 Nov 2021 13:44:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ae9bca06c245a19-MXP

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/ 140 KB
46 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api?_=1636992490879

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 09:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25089
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46909
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 15 Nov 2022 09:10:02 GMT

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/1842/1248633193/ 3 KB
1 KB 395ms
394ms Script
text/javascript 143.204.98.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/1842/1248633193/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-44.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5870f0f31b8028b945158c4faf3fb96303fc9301426d44ecea0e865a93ec825d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: dQXLPuTim0Ay4eNU_Xt2stee_opiMNQW
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 16:29:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"401152e4a0e9314e9834d29c6e7c4b0e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control: max-age=300
date: Mon, 15 Nov 2021 16:08:12 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-id: 6TelnSy6Naxz3naZYT2tIL74AA3YG8nyJTQpYKjY8uUP-wVxu2KtHQ==

GET
H2 204 1590284 Show response
vc.hotjar.io/sessions/ 0
256 B 62ms
38ms XHR
text/plain 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1590284?s=0.25&r=0.17401752931012737
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.dad547d55d09325865c9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
via: 1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 3mprZr0Ev3w5SxI_7n7Tyc8S3ZobWuoMJZANGHPU6tea-dixsA7qdA==

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 30ms
8ms XHR
binary/octet-stream 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2971596
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: SPYVkpiELurCEi-uot8e85C6-SZFBEVTpXrOTf24nIipGDAVJdgdEQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
419 B 38ms
10ms XHR
binary/octet-stream 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2971596
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: WOskV_M_PuZugdecS7321K45ZKva8bMQjeuxJ_oBxjDt__w59ZL8qg==

GET
BLOB 200
OK 4a3c14bf-7d3d-4869-aa70-60d3cd25565a
https://www.avera.org/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/4a3c14bf-7d3d-4869-aa70-60d3cd25565a
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 clock Show response
tracking.crazyegg.com/ 27 B
134 B 100ms
39ms XHR
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1636992491696
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 538023cac9eef39f9a667bfc5355a0d001f6faab54c498f4e12b9d9d754afea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 16:08:11 GMT
cache-control: no-store
server: awselb/2.0
content-length: 27
content-type: text/plain

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 58 KB
18 KB 28ms
28ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5894f87e0ab5df0cf45ffa74db0c0d7bba7938573f95d59f075e48eeb40d445b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:55 GMT
server: cloudflare
age: 441338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6ae9bca1d9740e16-MXP
content-length: 18742

GET
BLOB 200
OK bad63487-2186-4b8d-9e3e-ee8ccaabbb8d
https://www.avera.org/ 218 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.avera.org/bad63487-2186-4b8d-9e3e-ee8ccaabbb8d
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13973386148d76524e93592e39e3d045b247a0d155765d1bf7174c914650bb4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 218
Content-Type: text/javascript

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 85 KB
24 KB 64ms
64ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0031/0056.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 368e648389eb3ddddce73d9d9d9a18687b9b2c8243957cf3b17e302b1d87f5ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 16:08:11 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:53 GMT
server: cloudflare
age: 441338
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6ae9bca21a170e16-MXP
content-length: 24697

POST
H2 201 v11
tracking.crazyegg.com/ 0
83 B 159ms
97ms Ping
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=310056&st=173004&s=4754305
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avera.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 16:08:12 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 93A6
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MjAxOTA5MDM4Mzc2ODA2NjY0NA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMPTQupS9yjs4gvud_eHD9E&google_cver=1

42 B
1 KB

629ms
160ms

Image
image/gif

198.8.71.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMPTQupS9yjs4gvud_eHD9E&google_cver=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEMPTQupS9yjs4gvud_eHD9E&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 93A6
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=2019090383768066644
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2019090383768066644

43 B
1 KB

14ms
13ms

Image
image/gif

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2019090383768066644

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

185.33.220.241 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 16:08:12 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 60c2c8b3-0675-49e6-9e1e-3bfb215258d0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 16:08:12 GMT
X-Proxy-Origin: 194.36.108.20; 194.36.108.20; 732.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e03cdfe7-b073-45ca-9aee-e718a9352801
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D2019090383768066644
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 93A6
Redirect Chain

https://stags.bluekai.com/site/4722?id=2019090383768066644&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=

42 B
977 B

607ms
159ms

Image
image/gif

198.8.71.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=$_BK_UUID&forward=
Date: Mon, 15 Nov 2021 16:08:12 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 93A6 0
239 B 56ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=2019090383768066644&
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 93A6
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=2019090383768066644&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2019090383768066644&redir=

42 B
945 B

34ms
34ms

Image
image/gif

52.214.44.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2019090383768066644&redir=

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

HTTP/1.1

Server

52.214.44.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-44-171.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-026df6ecb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8ZwKOZnoR4M=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v019-0724f3096.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: eEC5bNL2RW4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=2019090383768066644&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 93A6
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=2019090383768066644&bid=omt9pi0
https://ps.eyeota.net/match/bounce/?uid=2019090383768066644&bid=omt9pi0

70 B
440 B

15ms
15ms

Image
image/gif

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?uid=2019090383768066644&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?uid=2019090383768066644&bid=omt9pi0
Date: Mon, 15 Nov 2021 16:08:12 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 cksync.php
contextual.media.net/ Frame 93A6 45 B
614 B 123ms
73ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=2019090383768066644

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Mon, 15 Nov 2021 16:08:12 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Mon, 15 Nov 2021 16:08:12 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 93A6 0
105 B 50ms
9ms Image
text/plain 54.93.158.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-158-246.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:11 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 93A6
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2019090383768066644&referrer=https%3A%2F%2Fwww.avera.org%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=e4ba202e-9e32-4620-ac31-ef6a4459d13c%3A1636992492.07&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3De4ba202e-9e32-4620-ac31-ef6a4459d13c...
https://idsync.rlcdn.com/501709.gif?partner_uid=e4ba202e-9e32-4620-ac31-ef6a4459d13c%3A1636992492.07
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPA0nezFqHr6Q_p0ndtD344&google_cver=1

42 B
301 B

15ms
15ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPA0nezFqHr6Q_p0ndtD344&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 16:08:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEPA0nezFqHr6Q_p0ndtD344&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 93A6 43 B
109 B 358ms
143ms Image
image/gif 23.21.225.74
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=2019090383768066644
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.225.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-225-74.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 93A6
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward=&C=1

43 B
1006 B

34ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward=&C=1
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 16:08:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 15 Nov 2021 16:08:12 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 Nov 2021 16:08:12 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=2019090383768066644&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Mon, 15 Nov 2021 16:08:12 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 93A6 42 B
418 B 44ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=2019090383768066644
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 15 Nov 2021 16:08:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 93A6 43 B
191 B 250ms
191ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=2019090383768066644

Requested by

Host: www.avera.org
URL: https://www.avera.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 15 Nov 2021 16:08:12 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 93A6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2019090383768066644&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2019090383768066644&img=1&__user_check__=1&sync_id=3b7b1598-462e-11ec-823b-19bfd3920506

43 B
548 B

30ms
29ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=2019090383768066644&img=1&__user_check__=1&sync_id=3b7b1598-462e-11ec-823b-19bfd3920506
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 85
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=2019090383768066644&img=1&__user_check__=1&sync_id=3b7b1598-462e-11ec-823b-19bfd3920506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 52
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 93A6 43 B
183 B 316ms
94ms Image
image/gif 2600:1f18:612b:4200:787a:99c3:22c2:11ca
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=2019090383768066644&r=ntdyhaXOpKrI
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:787a:99c3:22c2:11ca Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 93A6 43 B
238 B 37ms
7ms Image
image/gif 3.125.86.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=2019090383768066644
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.86.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-86-125.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 93A6 0
338 B 108ms
30ms Image
text/plain 52.17.218.77
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=2019090383768066644
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.218.77 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-218-77.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1636992492
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 93A6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=2019090383768066644&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2019090383768066644&expires=30

43 B
495 B

9ms
9ms

Image
image/gif

18.192.203.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2019090383768066644&expires=30
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Server: 18.192.203.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=2019090383768066644&expires=30
Date: Mon, 15 Nov 2021 16:08:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 93A6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YZKF7AAE0QHjiABG
https://p.rfihub.com/cm?in=1&pub=21653&userid=YZKF7AAE0QHjiABG&_test=YZKF7AAE0QHjiABG

42 B
1000 B

431ms
159ms

Image
image/gif

198.8.71.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YZKF7AAE0QHjiABG&_test=YZKF7AAE0QHjiABG
Protocol: HTTP/1.1
Server: 198.8.71.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20770730p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 15 Nov 2021 16:08:12 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636992492.375108,VS0,VE0
x-served-by: cache-hhn4079-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YZKF7AAE0QHjiABG&_test=YZKF7AAE0QHjiABG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 20ms
19ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Mon, 15 Nov 2021 16:08:12 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 435ms
102ms Script
application/javascript 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: www.avera.org
URL: https://www.avera.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Content-Encoding: gzip
X-Pardot-Route: 4587f66dff94d6e76a668284fbf3dba1
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Last-Modified: Fri, 12 Nov 2021 05:15:08 GMT
Server: PardotServer
ETag: "1547-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=63072000
Accept-Ranges: bytes
Content-Length: 1950
Expires: Wed, 15 Nov 2023 16:08:12 GMT

GET
H2 200 p.js Show response
30531.tctm.co/ 25 B
400 B 27ms
26ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/p.js?sid=619285eb000077431672d26b&p=568859.1.888.422.1410,568859.1.605.322.1300,568859.1.507.532.9661,568859.1.507.532.1101&
Requested by: Host: 30531.tctm.co
URL: https://30531.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: ad17fd2400c3bf05ca0c12eaa5da2129700b8ed033a82e2dc541be7dcdc2e94e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: WdJGFW8W2oX-jt6mS7827yB_ipLyRuWTRXoe7bTBvmsvS7047sEP8A==

GET
H2 200 p.js Show response
30531.tctm.co/ 25 B
401 B 15ms
14ms Script
application/x-javascript 2600:9000:2156:9400:12:de4a:40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://30531.tctm.co/p.js?sid=619285eb000077431672d26b&p=568859.1.888.422.1410,568859.1.605.322.1300,568859.1.507.532.9661,568859.1.507.532.1101&
Requested by: Host: 30531.tctm.co
URL: https://30531.tctm.co/t.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9400:12:de4a:40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ctm /
Resource Hash: ad17fd2400c3bf05ca0c12eaa5da2129700b8ed033a82e2dc541be7dcdc2e94e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: ctm
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
x-amz-cf-id: E6HzNUll3fzNqMJF_VL5bYcHMU88dMNHgyVwuP8zXRiqT75rl7P-1A==

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 8ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3843099095725111&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992492668&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:12 GMT

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 72 B
533 B 116ms
116ms Script
text/html 52.202.69.186
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=12820&account_id=564662&title=Avera%20Health&url=https%3A%2F%2Fwww.avera.org%2F&referrer=
Requested by: Host: pi.pardot.com
URL: https://pi.pardot.com/pd.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.202.69.186 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: pi0-lba1-1-ue1.aws.pardot.com
Software: PardotServer /
Resource Hash: d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 15 Nov 2021 16:08:12 GMT
Content-Encoding: gzip
X-Pardot-Route: d5a18e4517a9c8ba62b77de366a4cdb5
X-Pardot-LB: 4208770abb36eec2b2f3a1c951758cc1
Server: PardotServer
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=63072000
Content-Length: 89
Expires: Wed, 15 Nov 2023 16:08:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1565260733747379&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992492777&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:12 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=270296221284406&ev=Microdata&dl=https%3A%2F%2Fwww.avera.org%2F&rl=&if=false&ts=1636992493068&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtAvera%20Health%5Cn%22%2C%22meta%3Adescription%22%3A%22Choose%20Avera%20for%20hospital%20and%20primary%20care%2C%20specialty%20clinics%20and%20senior%20living%2C%20with%20locations%20in%20South%20Dakota%2C%20Minnesota%2C%20Iowa%2C%20Nebraska%20and%20North%20Dakota.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636992491108.909302651&it=1636992491008&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.avera.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 15 Nov 2021 16:08:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 15 Nov 2021 16:08:13 GMT

POST
H2 201 v11
tracking.crazyegg.com/ 0
82 B 67ms
67ms Ping
text/plain 34.255.166.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/v11?u=310056&st=173004&s=4754305
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.166.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-166-68.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.avera.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 15 Nov 2021 16:08:13 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

318 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.avera.org/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: x2cy30xis1km1gavammpettv
www.avera.org/	1970-01-20 07:28:48	Name: mobileview Value: web
www.avera.org/	1970-01-20 07:28:48	Name: cookiesession1 Value: 678A3E60STU01234567898901234CE60
www.avera.org/	1969-12-31 23:59:59	Name: LB_SessionId Value: 141453322.1.2526730512.4243511808
.fonts.net/	1970-01-19 22:43:14	Name: __cf_bm Value: _SErXqp1PuOOzgoO1E73sG.lVpTcFsSVyayWcKtH74w-1636992490-0-AV+4+/+e9jJWQYdJaSMKvSamhgZYzdiobq/AGSJTMlXQi/jwr9ZN7fTgTFMOJqKTxkrx/UCGortSv6Pcglm5PWE=
.avera.org/	1970-01-20 00:52:48	Name: _gcl_au Value: 1.1.130883754.1636992491
.avera.org/	1970-01-20 00:52:48	Name: _fbp Value: fb.1.1636992491108.909302651
.avera.org/	1970-01-20 16:14:24	Name: _ga Value: GA1.2.1968710110.1636992491
.avera.org/	1970-01-19 22:44:38	Name: _gid Value: GA1.2.1306597141.1636992491
.avera.org/	1970-01-19 22:43:12	Name: _gat Value: 1
30531.tctm.co/	1969-12-31 23:59:59	Name: ct30531 Value: 619285eb000077431672d26b
.bing.com/	1970-01-20 08:04:48	Name: MUID Value: 026D592D2E346572260849DD2F5F6456
.avera.org/	1970-01-19 23:26:24	Name: __ctmid Value: 619285eb000077431672d26b
www.avera.org/	1970-01-19 23:26:24	Name: __ctmid Value: 619285eb000077431672d26b
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: EYOyq3Ps6Ck
.youtube.com/	1970-01-20 03:02:24	Name: VISITOR_INFO1_LIVE Value: A0Uwgjxph4Q
www.avera.org/	1970-01-20 08:12:00	Name: __atuvc Value: 1%7C46
www.avera.org/	1970-01-19 22:43:14	Name: __atuvs Value: 619285eb892edbe4000
.avera.org/	1970-01-20 07:28:48	Name: _hjid Value: 58989607-c95f-4c12-a835-4888d17d0d0d
.avera.org/	1970-01-19 22:43:14	Name: _hjFirstSeen Value: 1
.avera.org/	1970-01-19 22:44:38	Name: _uetsid Value: 3b123960462e11eca60f153375c25ad4
.avera.org/	1970-01-20 08:04:48	Name: _uetvid Value: 3b1273b0462e11ec956bcddb2b942343
.avera.org/	1970-01-19 22:43:14	Name: _hjAbsoluteSessionInProgress Value: 1
.avera.org/	1970-01-20 07:28:48	Name: _ce.s Value: v11.rlc~1636992491801~v~d1728ffb5aa766f97b66c8074cb42110f319d4c7~vpv~0~ir~1
.rfihub.com/	1970-01-20 08:04:48	Name: rud Value: H4sIAAAAAAAAAOMSNjIwtDSwNDC2MDY3szAwMzMzMRHiM9T1yihP9Hf2DTHXLciS4jU0MzaztDQysTS0MDUAAE2g8TE0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjIwtDSwNDC2MDY3szAwMzMzMRHiM9T1yihP9Hf2DTHXLcgCAJ-ireUlAAAA
.addthis.com/	1970-01-20 08:12:00	Name: uvc Value: 1%7C46
.doubleclick.net/	1970-01-20 08:04:48	Name: IDE Value: AHWqTUnn7kCoZnlOZriSLD8ze2tUphaIApycCzEk4Yvoa0rzmytZdA2knovEBMn3ufw
.avera.org/	1970-02-25 10:43:12	Name: invoca_session Value: %7B%22ttl%22%3A%222021-12-15T16%3A08%3A12.014Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.rlcdn.com/	1970-01-20 07:28:48	Name: rlas3 Value: tQYSLsN3Z+rr3RDAZoWsJVTdC/67NMJLvFpM0DEX/EI=
.adnxs.com/	1970-01-20 00:52:48	Name: uuid2 Value: 3254582602258054250
.media.net/	1970-01-20 07:28:48	Name: visitor-id Value: 2799940926686853000V10
.media.net/	1970-01-20 07:27:22	Name: data-rk Value: 2019090383768066644~~3
.demdex.net/	1970-01-20 03:02:24	Name: demdex Value: 37082835339922160793894661951021065723
.casalemedia.com/	1970-01-20 07:28:48	Name: CMID Value: YZKF7J4Mp55WjPmJrVjNgAAA
.casalemedia.com/	1970-01-20 00:52:48	Name: CMPS Value: 5221
.adnxs.com/	1970-01-20 00:52:48	Name: anj Value: dTM7k!M4/YErk#WF']wIg2E>3vRVG4!]tbPl1MNu::wpAk_>pXidS?Lk^_>wgjm3Bgks!sn*exJ-bAA_!2>h9/+0J2!#`IjlEm6V
.addthis.com/	1970-01-20 08:12:00	Name: loc Value: MDAwMDBFVURFQlcyMjgyMTg5ODAwNDAwMDBDSA==
.dpm.demdex.net/	1970-01-20 03:02:24	Name: dpm Value: 37082835339922160793894661951021065723
.rezync.com/	1970-01-20 03:01:55	Name: zync-uuid Value: e4ba202e-9e32-4620-ac31-ef6a4459d13c:1636992492.07
live.rezync.com/	1970-01-20 03:02:24	Name: sd-session-id Value: .eJwVykELgjAYgOG_Et_Zw5faUqFbBkJTionMi5jtsOks3ESY-N-zw3t44Vmh-YpJt6MYLSR2moUH3SD3M5CsYKTToocEfDzGGGMQBWcSISEkDGHzwAhj5Gds5PuvD69d1uwpOcsWqktbVKWjEjFX2XKvboq61NYV9zl7YM6GnrJcFSr1qeOngmW4N9Nrd4Ft-wG8mjDf.FHQXbA.vj_DpLLDhvDkcjnpFD3obTRgJiU
.casalemedia.com/	1970-01-20 00:52:48	Name: CMPRO Value: 1170
.casalemedia.com/	1970-01-19 22:44:38	Name: CMST Value: YZKF7GGShewA
.casalemedia.com/	1970-01-20 07:28:48	Name: CMRUM3 Value: 39619285ec27602019090383768066644
.spotxchange.com/	1970-01-20 07:28:52	Name: audience Value: 3b7b1556-462e-11ec-823b-19bfd3920506
.bidswitch.net/	1970-01-20 07:28:48	Name: tuuid Value: f552ba36-b025-4e71-84ca-502f949bdcb9
.bidswitch.net/	1970-01-20 07:28:48	Name: c Value: 1636992492
.bidswitch.net/	1970-01-20 07:28:48	Name: tuuid_lu Value: 1636992492
.krxd.net/	1970-01-20 03:02:24	Name: _kuid_ Value: Oe8jH1zO
.everesttech.net/	1970-01-20 07:28:48	Name: everest_g_v2 Value: g_surferid~YZKF7AAE0QHjiABG
.eyeota.net/	1970-01-20 07:28:48	Name: mako_uid Value: 17d245b2451-7b690000010f5127
.eyeota.net/	1970-01-19 22:43:13	Name: SERVERID Value: 20775~DM
.rlcdn.com/	1970-01-20 00:09:36	Name: pxrc Value: COyLyowGEgYIuuoBEAA=
.rfihub.com/	1970-01-20 08:04:48	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmxmaWlkYmloYWq6Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxGrQGSUt5u5o6OrQaBHVqajk_sqVoQSI3Njw02saFZwo3kJjb9IGJX_CI0PAP3Pz51DAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAFvFKBAZ5e1m7ujoahDokZXp6OQOABxNu7MTAAAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20770730p.rfihub.com
30531.tctm.co
a.rfihub.com
aa.agkn.com
assets-tracking.crazyegg.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fast.fonts.net
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
m.addthis.com
p.rfihub.com
pagestates-tracking.crazyegg.com
partners.tremorhub.com
pi.pardot.com
pixel.rubiconproject.com
ps.eyeota.net
s7.addthis.com
script.crazyegg.com
script.hotjar.com
siteimproveanalytics.com
solutions.invocacdn.com
stags.bluekai.com
static.hotjar.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tracking.crazyegg.com
v1.addthisedge.com
vars.hotjar.com
vc.hotjar.io
www.avera.org
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
s7.addthis.com
104.111.215.191
104.75.88.126
142.250.185.162
143.204.98.29
143.204.98.32
143.204.98.39
143.204.98.43
143.204.98.44
143.204.98.57
143.204.98.69
143.204.98.76
151.101.2.49
18.192.203.176
185.33.220.241
185.94.180.125
198.8.71.129
2.18.234.21
2.18.235.40
2.18.235.93
23.21.225.74
2600:1f18:612b:4200:787a:99c3:22c2:11ca
2600:9000:2156:2600:1:76cf:fe80:93a1
2600:9000:2156:9400:12:de4a:40:93a1
2606:4700:3031::ac43:91b0
2606:4700::6811:e04e
2606:4700::6813:9408
2620:1ec:c11::200
2a00:1450:4001:80e::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.210.90
3.125.86.125
34.255.166.68
35.244.174.68
52.162.218.125
52.17.218.77
52.202.69.186
52.214.44.171
54.93.158.246
69.173.144.138
0091a4ca0b923608c0e866806e00f10a339034cfc2a86fe1af294db5ad53e044
0176d46fd7eac75189c3ab4484e73eaf6dab271fd92bdbcfa2a4b1b75c058687
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05abebf463c3a259ccb353c6142886a9d711878bc197d2ca9b0607679817b4db
0643a2f1b02f1850a0f1ca7318b64253f5e2ab2f1e1cfe25bf96ca4404ff3bba
0c64edb11668c9377daf0ea939fbb379020d48fe3b495ae5a42575531f117c45
0faef1368fd355cf0d029ec20190be4102c869bc3536849c62c114b39e0c3c1e
1037f44703c0090726e42a788908a7c95e62fb53c85660f9820cb685ec8d4fef
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13973386148d76524e93592e39e3d045b247a0d155765d1bf7174c914650bb4b
13bfc39df6885545db770f543ca13e47d459bb99159144a788522797e911d2c0
151fa1cdfdd05a9625e982980ba01431d60a9757304541f488396e441704d10e
15e233606ccd7278e5268598b02b25f48052cc15c7c2789d3fa0c7ab09d55f78
1b75bb25bdec41c1ab87982d40e7667fe69761d1ac65485c7993ba5854c7bf70
1c4f99b65f8be969df7f6823a98790064b0613a94bd5c0e701e12472d19765ea
1de59702de25541f557e7e6180a277b272c8876abc0eb5f8ca5682fc52aad1cf
22ac6a77e24b2fee1092f8598da0487f44dff8bcf39ddc9bd7831849f2242cb1
262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58
2648b41158b86120326e2bf0759966f426956c2d068d8f52ae75c7ca977820dc
27cad1b16f56ed89632faae9c33df8e148eccf53c6d8f474c9a074f644721a06
2a5d65b36347afce2d488a4f723a458ff945e1de549804199fd9b29a36ff9061
2f52b9b171b491ff4c5a5d9c5bc7c668d025b4989951aa37afebbe4ebe61c8ad
307f35ee8f3c5ffd969359073522b271a428f0890a13153092d74c767fd4aa4b
309046ca3d1b480cb6e22ded574cccefdc6554cf40aa4fdfaf77d1acbe9f2a13
3606a08170c0af249c0a413d9d76fdc1058f081086f637a1c21b77edea638fb6
368e648389eb3ddddce73d9d9d9a18687b9b2c8243957cf3b17e302b1d87f5ae
398cdf1b27ef247e5bc77805f266bb441e60355463fc3d1776f41aae58b08cf1
3b37fea8c665a9de30e8ef27f1fa30d8da8d992f70c499f31847802df520e9c1
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
44ee91018324f016af8f7c25f91b051dea2f51e7cceff79f86ecdc466c6ce873
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49a06338687e64a40b9489700701d3f767b3f26e7652873f892801ebf7957b53
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
507655834b289329f45008a587918c00be13a9eb0c16ea3770b4158c9beec662
51aaaf9813a804fe91f66a5b292942d3c72750d6572e39ccfd7c33aa730ff369
5273692f8e093c761495bb61c46b5b3ee8188560cf8e30c9c1e02b403b2dfbbe
538023cac9eef39f9a667bfc5355a0d001f6faab54c498f4e12b9d9d754afea7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5870f0f31b8028b945158c4faf3fb96303fc9301426d44ecea0e865a93ec825d
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5894f87e0ab5df0cf45ffa74db0c0d7bba7938573f95d59f075e48eeb40d445b
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
612a6d40c5e4e4ef03777d6de03ddeb921a8523630f61284787cb2c74e2d39ee
627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327
63c52ae2db634848f6a6ccd8f6566aa4c66dbeb968743386fa0d0f1fda888be5
63fbe6b8cb77afea02ada0177f65349e394841ecec51ec7ba8f2ad24f289b159
6400b25becfb035f0788674cc8623d30037c3e128e16fb83e8c144b97726747d
64e894bded170154f1937129a75c6a5779c0351776f7a3f9ab07f641e5eca2bc
66b804e7a96a87c11e1dd74ea04ac2285df5ad9043f48046c3e5000114d39b1c
67f31bf65c22382c6fad74dd5d556deaf4e108f270ac95f87d89df69c8ed1a12
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
697094b8700fb026706da89123a6137de4c44645d005c8cc2e9a3a558f0f05b2
739a43fbfb36a63df33ba91392ff26faea351484f86c3c9e4b699bef0e58ef40
74eb310e1ac770c9f6b97f2b6f88bbe9cd80297cce8f2c01d9dd3975c7fd4297
7975614dca192310108ed2661139f65e203802aaa1794b83de6e9259734d1165
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608
7f8ba697940b824658c63faf52938bd90a54564df2d7cb6da5ae4f52ccc16fb9
802dd68dacc29cfbd673978083e87c9435eaa2dfdae3a3b79b7de4dd838e2c7e
822204d7b5e456b3004a8bfcc237a11291dd0368b70c7d1031c3185fa9f552be
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa
8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442
8cc954d435542d3d2ced741ce3ef403909cfc0030acb3921e67c5a1f738e04ce
906d7656e5f6956255982fc7595b36c8919d00798c9ea49b8de207a041453df9
920405a351a356ef3083c5a7dd6cb2cae6378f2b4eecf4f49cd987a5b825a94d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
972cc181c11ea10492a1cdbdc45d375b47791bd682e31f4fa783a969050075fc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9f0346dbc37bbfff08d3ffbc6ce5a6e7cc76ed0ee3cd65f867fa824fe6ce204b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cc9892da7a96a086962cb2348bd5afb3e478f0290f3149c60517b9b5e9df48
a4a7cb4442f2edc08428b62c3092862c7cab9f712f7e054669691d013a8daed3
a9247adb2c6e62a9d745f5184f0257a050a7ec3862a17c554724b16f9bdfa7e3
aaa41afed6ee6e97662066baa136252cb123e1186328764aa7a071ea83fcc813
abe2cac72ed872f31e123a48df71a53174cc36dbefc4164e526e456d1482f159
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ad17fd2400c3bf05ca0c12eaa5da2129700b8ed033a82e2dc541be7dcdc2e94e
ad66d871c32c273cc86469c0aeaee75cc1e972ab0bc1a5ee653ead2793d3d1be
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bf3e825264ebb9e242fff015420de3ca0de21fccf27c2d6eba56370cf078bdd6
c05a4195d77adbe32ab35386e09ad5ba9aeb4c9fa9ba030d52b5510f0f3a9c5c
c299ab481a066310d433b8df3ee71106eff9502484873d7986aef7e82165563f
c402ca2a095e6c86fc998b16a04ac1273d6c2744988216489bcbe4ca3c3ef03f
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
cb72c106fa2cfc0a55a76bdd035e0ddc5557910b7a58c500354042999e4d523e
ce46864cbe9e47322dbc217815d6b98b0447233ad00f8b5a9d0deef25bb35d74
d068af5c09c1417e301e13b2c90fa877e0a24e0baae8160b6b77f1650486eb13
d22a57fdce0e37e71486440e103a6e67787359e237521103fb4d3b59c2ddac75
d2a0ed3481f0594245bc42536efbad044afe679a3f5a7993eb09774b94dc305c
d5ed0d3bb98ae16ad90be29db3becf6153a1390b922506a19cccf2400bbdb1c1
d617b276f33ce4fcea65a1d4ed8c33de93f673c201ae047dfbb6736c2b5cb762
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
de57aff4702f7b6d66abdb934f6dd3fa6975721d3538bb98c9d11909599e74d0
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e08a3844d3464092e8466c67bb3da89969df7706325b881ed3c6d1bf7a29e7a8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c1b6c7b3089a2c675ce9e4416efd25060f64171038b21566140fbddd7162ab
e562d2c60f337377db69a83c54a6d9874840afb10d37c5bb4f0c88ee86df3c94
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5c86574ce0ab3ef7d02190f46d525dbeb1d98ca33d37282a896204db4de83a1
e7b710346963f80a29dd95dacb89164d4c0572ee6506d5cd67912f2ea4dd4106
eb22874fc8e8d2e5494f421e1b336fd90a6b026cfc539a33b3acfaee33ea2f48
ed88f9f4ddc6d33339fb4d88e0495ef8d039a1330ac634a8a88d61e0d396606d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f71c83b780b0c98b06edf84b7c4f1dd190b8ee819b2cedb0cf6f37e184f697b4
f8dbefa80306c9e4696dea4b2ee43e5d540482600435980fe4649cce91dd0ea6

www.avera.org Open in urlscan Pro 52.162.218.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

140 Requests

86 %HTTPS

35 %IPv6

41 Domains

52 Subdomains

45 IPs

5 Countries

2120 kBTransfer

4961 kBSize

55 Cookies

7 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.avera.org Open in urlscan Pro
52.162.218.125 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

86 %
HTTPS

35 %
IPv6

41
Domains

52
Subdomains

45
IPs

5
Countries

2120 kB
Transfer

4961 kB
Size

55
Cookies

140 HTTP transactions
1 data transactions