services.qwmassages.com Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://services.qwmassages.com/
Submission: On October 14 via automatic, source certstream-suspicious (October 14th 2021, 10:33:16 pm UTC) — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 10 domains to perform 40 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is services.qwmassages.com.
TLS certificate: Issued by R3 on August 8th 2021. Valid for: 3 months.

This is the only time services.qwmassages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
3	13.224.193.86 13.224.193.86	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.106 142.250.186.106	15169 (GOOGLE) (GOOGLE)
2	13.225.87.86 13.225.87.86	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.112 13.225.87.112	16509 (AMAZON-02) (AMAZON-02)
7	13.225.84.146 13.225.84.146	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.174 142.250.186.174	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	107.21.52.48 107.21.52.48	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
11	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
3	172.217.16.131 172.217.16.131	15169 (GOOGLE) (GOOGLE)
40	15

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

services.qwmassages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-86.fra2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.87.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-86.fra2.r.cloudfront.net

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-112.fra2.r.cloudfront.net

97862.tctm.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.225.84.146 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-146.fra2.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.52.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-52-48.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	googleapis.com ajax.googleapis.com fonts.googleapis.com maps.googleapis.com	301 KB
9	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	8 MB
6	gstatic.com fonts.gstatic.com maps.gstatic.com	187 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	unbounce.com builder-assets.unbounce.com	39 KB
1	ub-analytics.com events.ub-analytics.com	245 B
1	unsplash.com views.unsplash.com
1	google.com www.google.com	2 KB
1	tctm.co 97862.tctm.co	19 KB
1	qwmassages.com services.qwmassages.com	10 KB
40	10

	Domain	Requested by
11	maps.googleapis.com	www.google.com maps.googleapis.com services.qwmassages.com
7	d9hhrg4mnvzow.cloudfront.net	services.qwmassages.com
3	maps.gstatic.com	www.google.com services.qwmassages.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	services.qwmassages.com www.google-analytics.com
3	builder-assets.unbounce.com	services.qwmassages.com
2	d34qb8suadcc4g.cloudfront.net	services.qwmassages.com d34qb8suadcc4g.cloudfront.net
1	events.ub-analytics.com	services.qwmassages.com
1	fonts.googleapis.com	builder-assets.unbounce.com
1	views.unsplash.com	services.qwmassages.com
1	www.google.com	services.qwmassages.com
1	97862.tctm.co	services.qwmassages.com
1	ajax.googleapis.com	services.qwmassages.com
1	services.qwmassages.com
40	14

This site contains no links.

Subject Issuer	Validity	Valid
services.qwmassages.com R3	`2021-08-08` - `2021-11-06`	3 months	crt.sh
*.unbounce.com Amazon	`2021-03-10` - `2022-04-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.tctm.co Amazon	`2021-10-09` - `2022-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.ub-analytics.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 2 frames:

Primary Page: https://services.qwmassages.com/
Frame ID: 7FE6207B7A5F7BE5228380D9601EB5EC
Requests: 25 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d171127.54472616778!2d-96.993338!3d47.9195937!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x972df0bc1f09389c!2sQ%20W%20Massage!5e0!3m2!1sen!2sus!4v1573143798824!5m2!1sen!2sus
Frame ID: 454F0F342A9C92E4FCD0F41D502DAA13
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

massage therapy, grand forks massage therapy, grand forks massage therapist, massage service

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

40
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

15
IPs

2
Countries

8340 kB
Transfer

9212 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
services.qwmassages.com/ 59 KB
10 KB 39ms
16ms Document
text/html 3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://services.qwmassages.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f876f21b4fe6e61c1cf21ebcd174789a9407c3644bdf20634e10f2c6f81b25e7

Request headers

Host: services.qwmassages.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 14 Oct 2021 22:33:09 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 5c5bbb14-a4c5-4618-a88c-3066af901fb7
etag: "a:32a405034405d9b7a797daa7b51787a1"
last-modified: Mon, 27 Jan 2020 20:19:49 GMT
x-unbounce-visitorid: 25ee56ff-ae34-406f-b40b-d2d31a9e34fd
x-unbounce-variant: a
content-location: https://services.qwmassages.com/
link: <https://services.qwmassages.com/>; rel="canonical"
set-cookie: ubpv=a%2C5c5bbb14-a4c5-4618-a88c-3066af901fb7; Max-Age=15897600; Expires=Sat, 16 Apr 2022 22:33:09 GMT; Path=/; SameSite=Lax ubvs=25ee56ff-ae34-406f-b40b-d2d31a9e34fd; Max-Age=15552000; Expires=Tue, 12 Apr 2022 22:33:09 GMT; Path=/; SameSite=Lax ubvt=25ee56ff-ae34-406f-b40b-d2d31a9e34fd; Max-Age=259200; Expires=Sun, 17 Oct 2021 22:33:09 GMT; Path=/; Domain=qwmassages.com; SameSite=Lax
content-encoding: gzip
x-proxy-backend: page-server
connection: close

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 44ms
9ms Stylesheet
text/css 13.224.193.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 05 Feb 2021 01:12:18 GMT
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 00:04:15 GMT
server: AmazonS3
age: 21763252
etag: "387bd017c5b4c65e427e652174ec93b6"
x-cache: Hit from cloudfront
x-amz-version-id: g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: ODe9xYdVyCcSxPyltyqM3DvNliluz5ndNibfzHuDvlmsdzN8CW-vAw==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
71 KB 31ms
8ms Script
text/javascript 142.250.186.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f10.1e100.net

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 05:42:40 GMT
x-content-type-options: nosniff
age: 233429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 12 Oct 2022 05:42:40 GMT

GET
H2 200 jquery-shims.bundle-0983003.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 44ms
10ms Script
application/javascript 13.224.193.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 22 May 2021 21:32:49 GMT
content-encoding: gzip
last-modified: Tue, 04 May 2021 23:39:58 GMT
server: AmazonS3
age: 12531621
etag: "a05a2b23a4c2ca8d49a4ee58eb8d54ea"
x-cache: Hit from cloudfront
x-amz-version-id: 0jdE1z4pVysKHfF.y2wdQ_g12dgNpnLG
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 1993
x-amz-cf-id: teuN93bc0a2hp4bPKJmUomod-CvITdyFITB4Ot28UcBID3au8F-L_g==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 38ms
7ms Script
application/javascript 13.225.87.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 03 May 2021 00:38:38 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 14248472
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: t5D2Spl7LReStocm1NpoNisl6iR8jQ8nHsn8mc3m-tgSfFJHulN1Cg==

GET
H2 200 t.js Show response
97862.tctm.co/ 54 KB
19 KB 64ms
22ms Script
application/x-javascript 13.225.87.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://97862.tctm.co/t.js
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-112.fra2.r.cloudfront.net
Software: ctm /
Resource Hash: 2f3d12d1622b277c8e07c954fe91e1524e28b90579debe5c6dcba5652e46d74e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:09 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 22:33:09 GMT
server: ctm
x-amz-cf-pop: FRA2-C2
etag: W/6168b02500017e46b294837e-97862
x-cache: Miss from cloudfront
content-type: application/x-javascript
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: AR_uvxcKXbBM_dBHvOQcBM75xwNFtmOJsgLI2JyHFhvxQ0FUD4DP6Q==

GET
H2 200 transparent.gif
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 42 B
422 B 428ms
400ms Image
image/gif 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/transparent.gif
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:10 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Miss from cloudfront
x-amz-version-id: JFEF.hPzR83Ps16d87RI9.nNvY1hIok0
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 42
x-amz-cf-id: IquAXKoFcG392s-EbUF_JgBp3gZXUZqP2sUV0QtpnA9kPyGLYFuM-w==

GET
H2 200 main.bundle-f7a4028.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 8ms
8ms Script
application/javascript 13.224.193.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7a4028c7c5f1214665f61e28c0935beaaf8e73c1d82691da265ce59b3e388c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 25 Jul 2021 07:20:40 GMT
content-encoding: gzip
last-modified: Tue, 17 Dec 2019 18:07:27 GMT
server: AmazonS3
age: 7053150
etag: "8cce87c47015844577b6ae12c07fd890"
x-cache: Hit from cloudfront
x-amz-version-id: 1oFJIn7UdWXBEt0MjbrJ.DPKz7fNJMtE
via: 1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 33687
x-amz-cf-id: OHA4QZEGPgxDgWgaBRew_JOAomF06fjm9Cg_3FqaMcnDpu5UxHAULw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 16:38:54 GMT
server: Golfe2
age: 1923
date: Thu, 14 Oct 2021 22:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 15 Oct 2021 00:01:06 GMT

GET
H2 200 embed Show response
www.google.com/maps/ Frame 454F 4 KB
2 KB 164ms
141ms Document
text/html 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d171127.54472616778!2d-96.993338!3d47.9195937!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x972df0bc1f09389c!2sQ%20W%20Massage!5e0!3m2!1sen!2sus!4v1573143798824!5m2!1sen!2sus

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

mafe /

Resource Hash

3714d09a6ec5ed22776a9ae2d1299ae01ac1c4cb896eef4c251ab6783534211c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-dgDtGoXgXwwf6mRZ+KSAdg==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /maps/embed?pb=!1m14!1m8!1m3!1d171127.54472616778!2d-96.993338!3d47.9195937!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x972df0bc1f09389c!2sQ%20W%20Massage!5e0!3m2!1sen!2sus!4v1573143798824!5m2!1sen!2sus
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://services.qwmassages.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 14 Oct 2021 22:33:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-dgDtGoXgXwwf6mRZ+KSAdg==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1730
x-xss-protection: 0
server-timing: gfet4t7; dur=126
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 37e41a2c-unsplash-cu53zfbr3lk_1hc0zk000000000000000.jpg
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 2 MB
2 MB 525ms
501ms Image
image/jpeg 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/37e41a2c-unsplash-cu53zfbr3lk_1hc0zk000000000000000.jpg
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 77e4df20b8f9ed2057c194427aaaf16ee207a661a4a35d563980b491b91063e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:10 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "e8a65bd31efbb2fa807fed4737ecb4cd"
x-cache: Miss from cloudfront
x-amz-version-id: BW9Azx.HeHQQOfZvFWwGzHddoHQhYkaB
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 1929816
x-amz-cf-id: WG5iDC6YUVBDnuon1eRbWBcn3rdwCkYFNACzET7ah7EURhMeEGISYQ==

GET
H2 200 8e1f6a62-unsplash-bmm-idld1sa-ribs_1hc280000000000000000.jpg
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 5 MB
5 MB 539ms
515ms Image
image/jpeg 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/8e1f6a62-unsplash-bmm-idld1sa-ribs_1hc280000000000000000.jpg
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94a716996232f51cc66eb8f2ae0618696fe2d732cfb2a039fdefe8b366ec1c1a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:10 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "26d46de2e642df94b0401357aabf2dc7"
x-cache: Miss from cloudfront
x-amz-version-id: eaRlVJn1hGEhubrBKrppuoUIM8sj.VGN
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 5539317
x-amz-cf-id: KsXjCrvAtrM3V10_sFfqwawGGMEOxApwUziarDXv3PMsKnykiRmVJA==

GET
H2 200 v
views.unsplash.com/ 0
0 36ms
8ms Image
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=cu53zfbr3lk,bmm,olm1xpcpstg,mcb06tsaab0
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 10ms
10ms Script
application/javascript 13.225.87.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-86.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 23:20:35 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 19350755
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: pAc4k6kW8px6rWfoigCkUlQx_13p4O_dU66WNiu714ST-vVJoredzg==

GET
BLOB 200
OK f12d6703-0529-4ba4-bd43-e961dd729acc
https://services.qwmassages.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://services.qwmassages.com/f12d6703-0529-4ba4-bd43-e961dd729acc
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 064fc1ddeedd985949045701d878ea254dd1947ed28b531783bf1323c34bfe93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 5587
Content-Type: text/css

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
212 B 14ms
13ms XHR
text/plain 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2128492482&t=pageview&_s=1&dl=https%3A%2F%2Fservices.qwmassages.com%2F&dp=%2Fa&ul=en-us&de=UTF-8&dt=massage%20therapy%2C%20grand%20forks%20massage%20therapy%2C%20grand%20forks%20massage%20therapist%2C%20massage%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=1321087003&gjid=994932880&cid=1731708163.1634250790&tid=UA-151777371-1&_gid=2021635806.1634250790&_r=1&_slc=1&z=831057336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://services.qwmassages.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:33:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://services.qwmassages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
2 KB 39ms
17ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:regular,700%7CPlayfair+Display:700,regular,400,italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-f7a4028.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

ESF /

Resource Hash

e8de653693b489371026cff1e0901b4c00e3d5d2149b4135f3c20acf802587c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Oct 2021 22:33:09 GMT
server: ESF
date: Thu, 14 Oct 2021 22:33:09 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Thu, 14 Oct 2021 22:33:09 GMT

GET
H2 200 0c74462e-promotions-icon-3_035035000000000000001.jpg
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 5 KB
5 KB 455ms
454ms Image
image/jpeg 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/0c74462e-promotions-icon-3_035035000000000000001.jpg
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31c96ef0fa3375da311a6364c8b7f5f1f232eecff665980bbbd3a9f7c2e3921a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:11 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "ef87da3a83946215acae89296d395984"
x-cache: Miss from cloudfront
x-amz-version-id: JWyMYEF408opXQzOhLcs_jHaYpOufaud
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 5033
x-amz-cf-id: hfBgi4Nf-N4QR4BzefON4a36goRCz7nOWcj3PXzZjttQ8ZNDFuwxyQ==

GET
H2 200 5c1ce091-unsplash-olm1xpcpstg_0cs08k0cs08h000001000.jpg
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 202 KB
203 KB 480ms
479ms Image
image/jpeg 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/5c1ce091-unsplash-olm1xpcpstg_0cs08k0cs08h000001000.jpg
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ece49eabdc1cd2b70648e4183b4ba1f2131d04293f4073150c56575b38177e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:11 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "5e36a71b79e6b17480c62c6c8f0c34b9"
x-cache: Miss from cloudfront
x-amz-version-id: DAj7GCsvmtys2A5ekYoDigbMgeUEMaAs
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 206820
x-amz-cf-id: BhX8L6ZmuEjdYBb1c0b6u3JlDVnL3iCX8teD8a0yxTpAZ6PRJ8I4fA==

GET
H2 200 98827922-unsplash-mcb06tsaab0_0cs09l0cs08h00000k000.jpg
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 208 KB
208 KB 480ms
479ms Image
image/jpeg 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/98827922-unsplash-mcb06tsaab0_0cs09l0cs08h00000k000.jpg
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2eced5c4cdbc968ca24fcd34be58354664ed33ce144e4b09f85ee788387d52c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:11 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "6f1cc1c1ad1e193a7bfd387a0cabb46b"
x-cache: Miss from cloudfront
x-amz-version-id: s2gaU9ztsTMIU_JIv6BBQssUWlrvd9FT
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 212663
x-amz-cf-id: yf6waIg0KdkwvB3dUWpKYunXaMtFPXgdARUMM0xSJM3zbO4auw-KCw==

GET
H2 200 da07c964-logo-for-top-corner-of-website-137x137_02w02w000000000000001.png
d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/ 8 KB
8 KB 441ms
440ms Image
image/png 13.225.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/services.qwmassages.com/da07c964-logo-for-top-corner-of-website-137x137_02w02w000000000000001.png
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.146 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-146.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 22875dd25c3caf004895ecbdcc4d9d55bedd363113eab1740c212f1b21c99af8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:11 GMT
via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
last-modified: Mon, 27 Jan 2020 20:19:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "370461311581cf2e20c909bf8ad58d7f"
x-cache: Miss from cloudfront
x-amz-version-id: uCjShR.oTPj.a4BYCrvFq0V7ZzafucZO
cache-control: max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 7991
x-amz-cf-id: JNuSZzcJBjbcWOOrSVYbJsDhnLE2gDZ497f7jU-USk0xQMBlf088qQ==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 311ms
104ms Image
image/gif 107.21.52.48
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1634250789729&e=pv&url=https%3A%2F%2Fservices.qwmassages.com%2F&page=massage%20therapy%2C%20grand%20forks%20massage%20therapy%2C%20grand%20forks%20massage%20therapist%2C%20massage%20service&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=90d96f1e-bc2e-4888-ab97-241c33b6ac24&dtm=1634250789728&vp=1600x1200&ds=1600x3073&vid=1&sid=249c412b-ca50-4ddb-9a9e-19f9b9e4248b&duid=9882d1fb-a7d4-4fec-ba63-764af9f5cbe7&uid=25ee56ff-ae34-406f-b40b-d2d31a9e34fd&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNWM1YmJiMTQtYTRjNS00NjE4LWE4OGMtMzA2NmFmOTAxZmI3IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: services.qwmassages.com
URL: https://services.qwmassages.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.52.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-52-48.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Oct 2021 22:33:09 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 44 KB
44 KB 42ms
20ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700%7CPlayfair+Display:700,regular,400,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://services.qwmassages.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 09:23:00 GMT
x-content-type-options: nosniff
age: 565809
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44876
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:29:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 08 Oct 2022 09:23:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 28ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700%7CPlayfair+Display:700,regular,400,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://services.qwmassages.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 17:03:52 GMT
x-content-type-options: nosniff
age: 19757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 14 Oct 2022 17:03:52 GMT

GET
H2 200 nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ 29 KB
29 KB 34ms
15ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/playfairdisplay/v22/nuFRD-vYSZviVYUb_rj3ij__anPXDTnCjmHKM4nYO7KN_qiTXtHA-Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:regular,700%7CPlayfair+Display:700,regular,400,italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9c225d8e629ad78e5d577a4cb4f400351d2ec232da542b89be98e43a6a4c9fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://services.qwmassages.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 07:13:19 GMT
x-content-type-options: nosniff
age: 314390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29328
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:30:09 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Oct 2022 07:13:19 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 454F 150 KB
49 KB 48ms
14ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d171127.54472616778!2d-96.993338!3d47.9195937!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0x972df0bc1f09389c!2sQ%20W%20Massage!5e0!3m2!1sen!2sus!4v1573143798824!5m2!1sen!2sus

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

mafe /

Resource Hash

0ddd1b0582b0aa931ebd7da3803ce67389afa7ea0236e5195be84dc032cfbeaf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:04:19 GMT
content-encoding: gzip
server: mafe
age: 1730
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49568
x-xss-protection: 0
expires: Thu, 14 Oct 2021 22:34:19 GMT

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/46/9/ Frame 454F 228 KB
67 KB 28ms
6ms Script
text/javascript 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/46/9/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

988f50a879b2c6447c977db42699ab677da8e2212d458fafbccbeb495ba15b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68300
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:34:03 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 13 Oct 2022 17:59:38 GMT

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 82 KB
30 KB 22ms
8ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

4374b99add7a92e4867db8c13e8bbb827919c2b3db5b891283c7e166015a32a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30736
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Fri, 14 Oct 2022 21:13:06 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 294 KB
90 KB 26ms
12ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

67a670065d00a169d5ac81354e1d4ae526ce4d356e0641659f81936b077d970b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 20:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92143
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Fri, 14 Oct 2022 20:34:11 GMT

GET
H3 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 60 KB
22 KB 22ms
10ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

49ea0cb7ef09892688639fad16eed8f7009f0f7cdf831b4fa04192ff20df1400

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 10:33:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22806
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Fri, 14 Oct 2022 10:33:58 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 4 KB
1 KB 10ms
10ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

2e7e2de0e6e56df9ca9c3dc588726f9fb93e9071263609bf1ea133925fdbc799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1394
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 13 Oct 2022 17:59:57 GMT

GET
H3 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame 454F 2 KB
2 KB 29ms
14ms Image
image/png 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:09 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Oct 2021 22:33:09 GMT

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 454F 20 KB
20 KB 88ms
88ms Image
image/png 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i60119&2i90977&2e1&3u10&4m2&1u600&2u450&5m5&1e0&5sen&6sus&10b1&12b1&client=google-maps-embed&token=39118

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

89e92038968fcfca97b425a74e54f661eab7d4a456818e29f9815d4a88a4ecf5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:10 GMT
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=81
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20577
x-xss-protection: 0
expires: Fri, 15 Oct 2021 22:33:10 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 25 KB
9 KB 9ms
9ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

42f8bb08f494cc6b92abcf81b9eb99f60b66f1a98d31de733dbf96e63feb7bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 17:59:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9426
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 13 Oct 2022 17:59:57 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/46/9/ Frame 454F 2 KB
1 KB 8ms
7ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/46/9/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=us&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

a0019c8731b115a5acb43f77ad786d557d7f3dda06b556fa22c4bc5c602aea9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 18:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
last-modified: Mon, 11 Oct 2021 22:32:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="maps-api-js"
expires: Thu, 13 Oct 2022 18:04:52 GMT

GET
H3 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 454F 326 B
350 B 17ms
17ms Image
image/bmp 172.217.16.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: services.qwmassages.com
URL: https://services.qwmassages.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f3.1e100.net

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 14 Oct 2021 22:33:10 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Thu, 14 Oct 2021 22:33:10 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 454F 29 KB
3 KB 33ms
32ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d47.28780347753516&2d-98.30231651109322&2m2&1d48.571447880165266&2d-95.7764355897888&2u10&4sen&5e0&6sm%40576000000&7b0&8e0&11e289&12e2&callback=_xdc_._ne4wlp&client=google-maps-embed&token=85083

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/9/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

mafe /

Resource Hash

f075e5009256accaefc440daf82f070fa8eddea3aed4477a17a12d4e1a8c46ee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:33:10 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3467
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 454F 5 KB
1 KB 18ms
18ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d47.05115362948743&2d-98.29830787991607&2m2&1d48.78550055280979&2d-95.72476083240545&2u6&4sen&5e2&7b0&8e0&11e289&12e2&callback=_xdc_._6qtmcx&client=google-maps-embed&token=64002

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/9/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

mafe /

Resource Hash

9222a2d6ff468660ca6218962659f9139fdd155f2c5e601fc44d6ee0e72aa664

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:33:10 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 142.250.186.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=2128492482&t=timing&_s=2&dl=https%3A%2F%2Fservices.qwmassages.com%2F&ul=en-us&de=UTF-8&dt=massage%20therapy%2C%20grand%20forks%20massage%20therapy%2C%20grand%20forks%20massage%20therapist%2C%20massage%20service&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1403&pdt=2&dns=4&rrt=0&srt=16&tcp=19&dit=167&clt=167&_gst=122&_gbt=182&_u=KHBAAEABAAAAAC~&jid=&gjid=&cid=1731708163.1634250790&tid=UA-151777371-1&_gid=2021635806.1634250790&z=358437876

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://services.qwmassages.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 06:04:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 59321
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 454F 62 B
84 B 16ms
16ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&callback=_xdc_._c3oema&client=google-maps-embed&token=70232

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/46/9/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

mafe /

Resource Hash

bc199dcfb32aa0238edfa804736fe7036f0c83dee838dff320a31e0ae1238e15

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Oct 2021 22:33:14 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
services.qwmassages.com/	1970-01-20 02:22:28	Name: ubpv Value: a%2C5c5bbb14-a4c5-4618-a88c-3066af901fb7
services.qwmassages.com/	1970-01-20 02:16:42	Name: ubvs Value: 25ee56ff-ae34-406f-b40b-d2d31a9e34fd
.qwmassages.com/	1970-01-19 22:01:49	Name: ubvt Value: 25ee56ff-ae34-406f-b40b-d2d31a9e34fd
97862.tctm.co/	1969-12-31 23:59:59	Name: ct97862 Value: 6168b02500017e46b294837e
.qwmassages.com/	1970-01-20 15:28:42	Name: _ga Value: GA1.2.1731708163.1634250790
.qwmassages.com/	1970-01-19 21:58:57	Name: _gid Value: GA1.2.2021635806.1634250790
.qwmassages.com/	1970-01-19 21:57:30	Name: _gat Value: 1
.unsplash.com/	1970-01-20 06:43:06	Name: ugid Value: 98b520534c36efaac7e663532f1f61be5447502
.qwmassages.com/	1970-01-19 22:40:42	Name: __ctmid Value: 6168b02500017e46b294837e
services.qwmassages.com/	1970-01-19 22:40:42	Name: __ctmid Value: 6168b02500017e46b294837e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

97862.tctm.co
ajax.googleapis.com
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
maps.gstatic.com
services.qwmassages.com
views.unsplash.com
www.google-analytics.com
www.google.com
107.21.52.48
13.224.193.86
13.225.84.146
13.225.87.112
13.225.87.86
142.250.185.170
142.250.185.196
142.250.186.106
142.250.186.174
142.250.186.35
151.101.1.181
172.217.16.131
216.58.212.170
3.69.136.55
064fc1ddeedd985949045701d878ea254dd1947ed28b531783bf1323c34bfe93
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0ddd1b0582b0aa931ebd7da3803ce67389afa7ea0236e5195be84dc032cfbeaf
22875dd25c3caf004895ecbdcc4d9d55bedd363113eab1740c212f1b21c99af8
2e7e2de0e6e56df9ca9c3dc588726f9fb93e9071263609bf1ea133925fdbc799
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2f3d12d1622b277c8e07c954fe91e1524e28b90579debe5c6dcba5652e46d74e
31c96ef0fa3375da311a6364c8b7f5f1f232eecff665980bbbd3a9f7c2e3921a
3714d09a6ec5ed22776a9ae2d1299ae01ac1c4cb896eef4c251ab6783534211c
42f8bb08f494cc6b92abcf81b9eb99f60b66f1a98d31de733dbf96e63feb7bc1
4374b99add7a92e4867db8c13e8bbb827919c2b3db5b891283c7e166015a32a1
49ea0cb7ef09892688639fad16eed8f7009f0f7cdf831b4fa04192ff20df1400
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
62c8f47275e874a210224258f160fdc003caf2d09a24e83f153b901c758509e5
67a670065d00a169d5ac81354e1d4ae526ce4d356e0641659f81936b077d970b
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
77e4df20b8f9ed2057c194427aaaf16ee207a661a4a35d563980b491b91063e4
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7ece49eabdc1cd2b70648e4183b4ba1f2131d04293f4073150c56575b38177e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89e92038968fcfca97b425a74e54f661eab7d4a456818e29f9815d4a88a4ecf5
9222a2d6ff468660ca6218962659f9139fdd155f2c5e601fc44d6ee0e72aa664
94a716996232f51cc66eb8f2ae0618696fe2d732cfb2a039fdefe8b366ec1c1a
988f50a879b2c6447c977db42699ab677da8e2212d458fafbccbeb495ba15b69
9c225d8e629ad78e5d577a4cb4f400351d2ec232da542b89be98e43a6a4c9fac
a0019c8731b115a5acb43f77ad786d557d7f3dda06b556fa22c4bc5c602aea9f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a2eced5c4cdbc968ca24fcd34be58354664ed33ce144e4b09f85ee788387d52c
bc199dcfb32aa0238edfa804736fe7036f0c83dee838dff320a31e0ae1238e15
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8de653693b489371026cff1e0901b4c00e3d5d2149b4135f3c20acf802587c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f075e5009256accaefc440daf82f070fa8eddea3aed4477a17a12d4e1a8c46ee
f7a4028c7c5f1214665f61e28c0935beaaf8e73c1d82691da265ce59b3e388c8
f876f21b4fe6e61c1cf21ebcd174789a9407c3644bdf20634e10f2c6f81b25e7
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

services.qwmassages.com Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

0 %IPv6

10 Domains

14 Subdomains

15 IPs

2 Countries

8340 kBTransfer

9212 kBSize

10 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

services.qwmassages.com Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

15
IPs

2
Countries

8340 kB
Transfer

9212 kB
Size

10
Cookies

40 HTTP transactions
0 data transactions