bitbenderz.com Open in urlscan Pro
216.177.141.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://bitbenderz.com/
Submission Tags: falconsandbox
Submission: On September 29 via api (September 29th 2022, 9:39:46 am UTC) from US — Scanned from DE

Summary HTTP 115 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 20 domains to perform 115 HTTP transactions. The main IP is 216.177.141.16, located in United States and belongs to 1P-WSS, US. The main domain is bitbenderz.com.

This is the only time bitbenderz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	216.177.141.16 216.177.141.16	395532 (1P-WSS) (1P-WSS)
3	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2010	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:805::200a	15169 (GOOGLE) (GOOGLE)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.130.212 3.124.130.212	16509 (AMAZON-02) (AMAZON-02)
9	172.217.20.2 172.217.20.2	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
115	22

23 216.177.141.16 (United States)

ASN395532 (1P-WSS, US)
PTR: wsspl102.websitesource.com

bitbenderz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f3.1e100.net

p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:e365:4988:e8a7:3270 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.130.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-130-212.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.20.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.7.201.234 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	545 KB
23	bitbenderz.com bitbenderz.com	1 MB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	110 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 284 storage.googleapis.com — Cisco Umbrella Rank: 372 fonts.googleapis.com — Cisco Umbrella Rank: 41	161 KB
5	gstatic.com fonts.gstatic.com p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com	50 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	131 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 663	101 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 707	39 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1499	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	916 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 647	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1470	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 979	794 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8962	914 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 555	98 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 650	761 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	646 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
115	20

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	bitbenderz.com	bitbenderz.com ajax.googleapis.com
16	pagead2.googlesyndication.com	bitbenderz.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	code.jquery.com	bitbenderz.com
3	maxcdn.bootstrapcdn.com	bitbenderz.com
3	ajax.googleapis.com	bitbenderz.com
2	e.dlx.addthis.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fonts.googleapis.com	bitbenderz.com tpc.googlesyndication.com
1	id.rlcdn.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	storage.googleapis.com	bitbenderz.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
115	26

This site contains links to these domains. Also see Links.

Domain
www.smoothdivscroll.com
touchpunch.furf.com
github.com
davetayls.me
calebevans.me
finance.yahoo.com
www.foxsports.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 16 frames:

Primary Page: http://bitbenderz.com/
Frame ID: 4DD3DAE8A8A12BDF0CF014D10E71F9B4
Requests: 39 HTTP requests in this frame

Frame: http://bitbenderz.com/_logonews/index.html
Frame ID: B80696234A775879F96DAA558EA00287
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html
Frame ID: 90954E0810F82277B6965BEEBDEC0135
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=90&slotname=3758075689&adk=3745282862&adf=1590730475&pi=t.ma~as.3758075689&w=728&lmt=1483915613&psa=0&format=728x90&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444380767&bpp=3&bdt=749&idt=340&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=3239493004115&frm=20&pv=2&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=642&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YxSfEr1dkn&p=http%3A//bitbenderz.com&dtd=354
Frame ID: B55960675DB9B96871828AAC2D0268A0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&adk=1812271804&adf=3025194257&lmt=1483915613&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbitbenderz.com%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664444380783&bpp=1&bdt=765&idt=346&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=353
Frame ID: 2E236716446F84B24979AC6C6F425D1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html
Frame ID: 5591C9C148A936455A34F68BD8B5FA02
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 22B0F3713DBDCB03A2138220792FC793
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFC19624C7ED77D0FC42B00581986A31
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EBE1C2BA38263E3585BCCA4C88CA3AE1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7
Frame ID: 09E5F91466A6E60444507321A654AD09
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10
Frame ID: 4EE471390807ED306A9696A82B7497C1
Requests: 11 HTTP requests in this frame

Frame: https://p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: A34B93756172E205D07B551D386E104B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F63271AE09932D8577D3850FB09DF84E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CB730FA3F64728E68E2FB37F4324CA43
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: A51FE73AEB4B56019A6A850D63E2AE0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js
Frame ID: 1E22764FE0CF3D0C0ADE9FAE7C21948B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bitbenderz.com

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

115
Requests

63 %
HTTPS

60 %
IPv6

20
Domains

26
Subdomains

22
IPs

7
Countries

2201 kB
Transfer

4007 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.smoothdivscroll.com/
Title: jQuery smoothDivScroll Plugin v1.3

Search URL Search Domain Scan URL

URL: http://touchpunch.furf.com/
Title: jQuery UI Touch Punch Plugin v0.2.3

Search URL Search Domain Scan URL

URL: https://github.com/brandonaaron/jquery-mousewheel
Title: jQuery MouseWheel Plugin v3.0.6

Search URL Search Domain Scan URL

URL: http://davetayls.me/jquery.kinetic/
Title: jQuery Kinetic Plugin v2.0.1

Search URL Search Domain Scan URL

URL: http://calebevans.me/projects/jcanvas/
Title: jQuery jCanvas Plugin v14.08.16

Search URL Search Domain Scan URL

URL: http://finance.yahoo.com/
Title: 3rd Party

Search URL Search Domain Scan URL

URL: http://www.foxsports.com/
Title: 3rd party

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css HTTP 307
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css

Request Chain 2

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js HTTP 307
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Request Chain 33

http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css HTTP 307
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Request Chain 54

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 88

https://d.agkn.com/pixel/2175/?google_gid=CAESEEpIrLGMYmjLaYGJETTrpw8&google_cver=1&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi&google_hm=Q0FFU0VFcElyTEdNWW1qTGFZR0pFVFRycHc4

Request Chain 92

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMG8tuai6LYrIKSQjg4OZhY&google_cver=1&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUytIYuklhnL18rc8o5NzL70951E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdMWkctOS1DRzZB&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUytIYuklhnL18rc8o5NzL70951E

Request Chain 93

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_cver=1&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQePVZTVDx0ZJnfnx1wX6Fo-O7OOt1jNFiKRoK_0n7-jdU_DSm50bwIK-ADbnqvVjU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQePVZTVDx0ZJnfnx1wX6Fo-O7OOt1jNFiKRoK_0n7-jdU_DSm50bwIK-ADbnqvVjU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQePVZTVDx0ZJnfnx1wX6Fo-O7OOt1jNFiKRoK_0n7-jdU_DSm50bwIK-ADbnqvVjU

Request Chain 106

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECDB5iaRXs42BiIl64VXszc&google_cver=1&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x5-PBGbl_L0erw0Tr-AVT_Zowac5THOTn3WUnAKXv4 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x5-PBGbl_L0erw0Tr-AVT_Zowac5THOTn3WUnAKXv4&google_hm=rn7x6hNKTrDY160_ItwJew

Request Chain 107

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YDgMpb85Q_LwTmtjjWf-O4IUR_uAeXs&google_gid=CAESEH0LOTP4AaFsCfr3EnqRtlg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YDgMpb85Q_LwTmtjjWf-O4IUR_uAeXs&google_gid=CAESEH0LOTP4AaFsCfr3EnqRtlg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjkwOTM5NDQwMDA1MTI3NzIzMTI3OQ%3D%3D&google_push=AZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YDgMpb85Q_LwTmtjjWf-O4IUR_uAeXs

Request Chain 110

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMG8tuai6LYrIKSQjg4OZhY&google_cver=1&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12tqZlba8USDPATV8KXFQrn9w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdNMzMtMVMtTTJLUA==&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12tqZlba8USDPATV8KXFQrn9w

Request Chain 111

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_cver=1&google_push=AZmPxg-NF89dr1fWHa3nRHmRpRFg8FBzeTtu7vIxxVgowyCz_3Q8hGzLNuCsH4uUcj670rwDSaoaoU8iaV-GNTHrYsgibuv49yc HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-NF89dr1fWHa3nRHmRpRFg8FBzeTtu7vIxxVgowyCz_3Q8hGzLNuCsH4uUcj670rwDSaoaoU8iaV-GNTHrYsgibuv49yc

115 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
bitbenderz.com/ 12 KB
13 KB 344ms
95ms Document
text/html 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: eaa466ee89bab1576d1ce7c8bd0868d3959d149cf7f3d1bb1c85e927b6869e23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 12590
Content-Type: text/html
Date: Thu, 29 Sep 2022 09:39:39 GMT
ETag: "5872c15d-312e"
Last-Modified: Sun, 08 Jan 2017 22:46:53 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 107ms
47ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 03:06:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 196394
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33951
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Wed, 27 Sep 2023 03:06:26 GMT

GET
H2

200

bootstrap.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/
Redirect Chain

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css

143 KB
22 KB

56ms
39ms

Stylesheet
text/css

2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
cdn-edgestorageid: 722
cdn-cachedat: 09/01/2022 05:42:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
etag: W/"2a31dca112f26923b51676cb764c58d5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 490c0e20265807c665edb56e35b16428
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7523c0bf5eb7bbc1-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.css
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://bitbenderz.com
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
Redirect Chain

http://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

36 KB
11 KB

34ms
18ms

Script
application/javascript

2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617, 617, 617, 617, 617, 617, 617, 617, 617
age: 21347041
cdn-cachedat: 2021-06-08 14:35:59
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: eefa06f81ccaf21fa5451ec613a67069
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7523c0bf5ebebbc1-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Non-Authoritative-Reason: HSTS
Access-Control-Allow-Origin: http://bitbenderz.com
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/start/ 36 KB
9 KB 149ms
90ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/start/jquery-ui.css

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

187eb517154bbd2784cee91f411f0e7147c894240b9667a7b4540c2e8e2d9231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 8556
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 29 Sep 2023 09:39:40 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 248 KB
67 KB 107ms
48ms Script
text/javascript 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 05:54:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 13509
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 67948
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Fri, 29 Sep 2023 05:54:31 GMT

GET
H/1.1 200
OK styles.css
bitbenderz.com/css/ 6 KB
6 KB 97ms
94ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/styles.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: e7e32048b7ad787df7fce9871693ed646c4d283dbf1bf7672a21d81eef817756

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:38 GMT
Server: nginx
ETag: "5872c09a-18ea"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6378

GET
H/1.1 200
OK scripts.js Show response
bitbenderz.com/js/ 71 KB
71 KB 190ms
94ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/js/scripts.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 1a0d5758fe9b99e5702efbc4bd12a0410e9a3a64df7b18f116c2b3b8645e8507

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:45:29 GMT
Server: nginx
ETag: "5872c109-11a8b"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 72331

GET
H/1.1 200
OK bootstrap-datetimepicker.min.css
bitbenderz.com/css/ 11 KB
11 KB 180ms
90ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/bootstrap-datetimepicker.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 7dfe15baeaf8698ae6d19380102fe67b52c139c89decf279a0ff71c6f27400a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:35 GMT
Server: nginx
ETag: "5872c097-2c0c"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11276

GET
H/1.1 200
OK bootstrap-datetimepicker.js Show response
bitbenderz.com/js/ 68 KB
69 KB 272ms
91ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/js/bootstrap-datetimepicker.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 70f20ae868ae59c06d1c20102c0951c5fcf99bad8f585ae4285bc95891e85a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:45:21 GMT
Server: nginx
ETag: "5872c101-111b7"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70071

GET
H/1.1 200
OK bootstrap-colorpicker.css
bitbenderz.com/css/ 5 KB
5 KB 182ms
92ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/bootstrap-colorpicker.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: febe8a7bfa5885ec195c5e6cfb6a9b1b3b27890a2ec586329771948f8e98c1dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:36 GMT
Server: nginx
ETag: "5872c098-13a3"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5027

GET
H/1.1 200
OK bootstrap-colorpicker.js Show response
bitbenderz.com/js/ 37 KB
38 KB 274ms
91ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/js/bootstrap-colorpicker.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: e3f197bbf284b0e8fb2e431c341fae4bc7a2e014a1230470f2b6e0e07f29f4bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:45:30 GMT
Server: nginx
ETag: "5872c10a-9572"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38258

GET
H/1.1 200
OK stock.quotes.min.css
bitbenderz.com/__stockQuotes/css/ 11 KB
11 KB 187ms
95ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/__stockQuotes/css/stock.quotes.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 7ca029bc931ba99c7e0f45e0f3f5b5e7c56be794cca70964245ec1afdbc40386

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Thu, 22 Dec 2016 23:01:17 GMT
Server: nginx
ETag: "585c5b3d-2cd1"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11473

GET
H/1.1 200
OK stock.quotes.min.js Show response
bitbenderz.com/__stockQuotes/js/ 75 KB
75 KB 286ms
99ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/__stockQuotes/js/stock.quotes.min.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 3e95784d220c2817b2704de61fe66ef9bff7ec42250ee228640485a7a70eaf24

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Thu, 22 Dec 2016 23:01:16 GMT
Server: nginx
ETag: "585c5b3c-12cd7"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77015

GET
H/1.1 200
OK news.ticker.css
bitbenderz.com/css/ 23 KB
23 KB 186ms
94ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/news.ticker.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: f1e1468cef7a7583160dc06f2929bd3b02d827f298aaff379287a001fb819230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:39 GMT
Server: nginx
ETag: "5872c09b-5b8e"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23438

GET
H/1.1 200
OK news.ticker.js Show response
bitbenderz.com/js/ 129 KB
130 KB 287ms
99ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/js/news.ticker.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: d332af929a6d215587024f0f47db2356af610f5278cca2088be92d6571ed3c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:45:31 GMT
Server: nginx
ETag: "5872c10b-205b3"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132531

GET
H/1.1 200
OK scoreboard.css
bitbenderz.com/css/ 8 KB
8 KB 186ms
95ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/scoreboard.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: da705a417408b00803cdc4191cab1d9faa4ad258f2ed6a7b984e354f289ab963

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:34 GMT
Server: nginx
ETag: "5872c096-1e18"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7704

GET
H/1.1 200
OK scoreboard.js Show response
bitbenderz.com/js/ 348 KB
348 KB 371ms
94ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/js/scoreboard.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: b3bf58195937f7a27fa36f62584f1a81c3d11191c7a0e19a7b4ce17ab6351ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:45:27 GMT
Server: nginx
ETag: "5872c107-5701b"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 356379

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
57 KB 141ms
93ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

HTTP/1.1

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5be139c04bf717102c3528f107eaf4586da106b2b2d6cc74c786a498ee7bb532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 4478633565520625785
Vary: Accept-Encoding, Origin
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 57628
X-XSS-Protection: 0
Expires: Thu, 29 Sep 2022 09:39:40 GMT

GET
H/1.1 200
OK avatar.png
bitbenderz.com/images/ 21 KB
21 KB 92ms
92ms Image
image/png 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bitbenderz.com/images/avatar.png
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 63ecd1d468c9b76bab77470c74f4c63e6b422df795600fa8343c84e9d2f4a1ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Mon, 20 Jan 2014 12:14:52 GMT
Server: nginx
ETag: "52dd133c-533b"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21307

GET
DATA 200
OK truncated
/ 34 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9da0c33940229054acecf1574acc71934db9ce5915638b3cd717a0890ef5142

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK font.awesome.min.css
bitbenderz.com/css/ 32 KB
32 KB 94ms
93ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/font.awesome.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/css/scoreboard.css
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 6dc14b613b023825042f3c8303483d692ee256a876bd69fcea2b6ee9cf5a4332

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/css/scoreboard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:38 GMT
Server: nginx
ETag: "5872c09a-7e1b"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32283

GET
H/1.1 200
OK jquery-ui.min.css
bitbenderz.com/css/ 20 KB
21 KB 94ms
94ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/jquery-ui.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/css/scoreboard.css
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: bf4d221ddef7234ed2abb263a64c0bf2ca5ca334a13640b1d95ff9b31bb552d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/css/scoreboard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:36 GMT
Server: nginx
ETag: "5872c098-510c"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20748

GET
H/1.1 200
OK nhl.logos.min.css
bitbenderz.com/css/ 146 KB
147 KB 92ms
92ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/css/nhl.logos.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/css/scoreboard.css
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 42909a49eebfdc079a43146884608b6f25beb20acfc7b4ff6cdb044a74427ec2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/css/scoreboard.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Sun, 08 Jan 2017 22:43:40 GMT
Server: nginx
ETag: "5872c09c-2491e"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149790

GET
H/1.1 200
OK index.html Show response
bitbenderz.com/_logonews/ Frame B806 4 KB
4 KB 95ms
95ms Document
text/html 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/_logonews/index.html
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: e9e7a339f40066fd509d412506a90c5083cda8c4d4883772ac948f12709077c2

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 3706
Content-Type: text/html
Date: Thu, 29 Sep 2022 09:39:40 GMT
ETag: "584ff13e-e7a"
Last-Modified: Tue, 13 Dec 2016 13:01:50 GMT
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK bg_pattern.png
bitbenderz.com/css/images/ 106 B
388 B 93ms
93ms Image
image/png 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bitbenderz.com/css/images/bg_pattern.png
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/css/styles.css
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 7b3e9ad12f345cceab425a7d83b8c451fcfe4ebf6ca1dc2593eab221895724b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Mon, 20 Jan 2014 12:15:11 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "6a-4f065d7e031c0"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106

GET
H/1.1 200
OK adtab.png
bitbenderz.com/stockticker/stockticker/css/images/ 261 B
544 B 94ms
94ms Image
image/png 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://bitbenderz.com/stockticker/stockticker/css/images/adtab.png
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/css/styles.css
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 3cd551427b9abcd1774e89dcb1365fca219e909db743428734051e6f3a8d296b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Fri, 12 Sep 2014 13:29:06 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "105-502de44ee0c80"
X-Powered-By: PleskLin
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 261

GET
H/1.1 200
OK SNP_501E7C3D5CA3CA07C641E6BAFB8A53C794CF_2922339_en_v2
storage.googleapis.com/support-kms-prod/ 49 KB
49 KB 230ms
161ms Image
image/png 2a00:1450:4001:80b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://storage.googleapis.com/support-kms-prod/SNP_501E7C3D5CA3CA07C641E6BAFB8A53C794CF_2922339_en_v2
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/
Protocol: HTTP/1.1
Server: 2a00:1450:4001:80b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4d564c192a11fdf0b9788c3321b0596c82bd6632d51db2dbad2f83a4ffffe4b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Age: 0
X-GUploader-UploadID: ADPycdtx8-3KDjqhtgKhFwB5IixzDgZ6ucaIgkcO8bO032QoOsS8Ri3snMS6O2CtNyrccPrYUfyspMsliWei8ZjSijTZjMtzeZOT
x-goog-storage-class: STANDARD
x-goog-metageneration: 10
x-goog-stored-content-encoding: identity
Content-Length: 49704
Last-Modified: Mon, 16 Sep 2013 14:15:55 GMT
Server: UploadServer
ETag: "1f163cfc0f06b410ed56ff4fc0482807"
x-goog-generation: 1379340955775000
x-goog-hash: crc32c=Dm2vGw==, md5=HxY8/A8GtBDtVv9PwEgoBw==
Content-Type: image/png
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 49704
Accept-Ranges: bytes
Expires: Thu, 29 Sep 2022 10:39:40 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ 347 KB
123 KB 204ms
88ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6798369492392164&plah=bitbenderz.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95696eb248f94b610e3d27b47c5f2232d8f93828291f3e95424b55260f59dcea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125499
x-xss-protection: 0
server: cafe
etag: 17375432526309955203
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Sep 2022 09:39:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/ Frame 9095 10 KB
5 KB 114ms
35ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220927/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 06:17:20 GMT
etag: 9671129459699598864
expires: Thu, 13 Oct 2022 06:17:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame B806 3 KB
1 KB 186ms
70ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito:400,700

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

07089d769007497428554bc6a43dfe4154c45600615da9a650744bbeb73eed0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 09:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 07:54:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 09:39:40 GMT

GET
H/1.1 200
OK jquery-ui.min.css
code.jquery.com/ui/1.11.0/themes/smoothness/ Frame B806 27 KB
6 KB 57ms
16ms Stylesheet
text/css 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.min.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: afaa74cb8c7aa9d77e2fc0fe000be821fadfd253928644d972b6a4c3dd7dbcb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
ETag: W/"28feccc0-6c3a"
Vary: Accept-Encoding
X-HW: 1664444380.dop136.am5.t,1664444380.cds125.am5.c
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5407

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
code.jquery.com/ Frame B806 94 KB
33 KB 57ms
16ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:53 GMT
Server: nginx
ETag: W/"611feac9-1762a"
Vary: Accept-Encoding
X-HW: 1664444380.dop002.am5.t,1664444380.cds249.am5.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33202

GET
H/1.1 200
OK jquery-ui.min.js Show response
code.jquery.com/ui/1.11.0/ Frame B806 232 KB
62 KB 56ms
15ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/ui/1.11.0/jquery-ui.min.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Aug 2021 17:47:54 GMT
Server: nginx
ETag: W/"611feaca-39fec"
Vary: Accept-Encoding
X-HW: 1664444380.dop225.am5.t,1664444380.cds255.am5.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 63453

GET
H3

200

font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/ Frame B806
Redirect Chain

http://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

27 KB
7 KB

31ms
21ms

Stylesheet
text/css

2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html

Protocol

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 617, 617
age: 19360606
cdn-cachedat: 2021-06-08 19:04:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7523c0c42e199a11-FRA
cdn-requestpullsuccess: True

Redirect headers

Location: https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK styles.css
bitbenderz.com/_logonews/css/ Frame B806 1 KB
1 KB 95ms
94ms Stylesheet
text/css 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/_logonews/css/styles.css
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: 0c5809f2bae01d0edd4f4b02b86ad374709469748539a4d43cb9377043086fd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/_logonews/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Tue, 13 Dec 2016 13:01:59 GMT
Server: nginx
ETag: "584ff147-4a0"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1184

GET
H/1.1 200
OK functions.js Show response
bitbenderz.com/_logonews/js/ Frame B806 19 KB
20 KB 94ms
94ms Script
application/javascript 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/_logonews/js/functions.js
Requested by: Host: bitbenderz.com
URL: http://bitbenderz.com/_logonews/index.html
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: dba48be1c888b9d3aafbdb4988b38887c8059f881f30dd2d2634246451bd4925

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/_logonews/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:40 GMT
Last-Modified: Mon, 19 Dec 2016 20:07:33 GMT
Server: nginx
ETag: "58583e05-4d4c"
X-Powered-By: PleskLin
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19788

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 132ms
47ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bitbenderz.com&callback=_gfp_s_&client=ca-pub-6798369492392164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6798369492392164&plah=bitbenderz.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f091777eb832f5e8a0b6ae923d012341f40aef70af45f2fcae8d26252fd0573b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 171ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bitbenderz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bitbenderz.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B559 108 KB
40 KB 548ms
475ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=90&slotname=3758075689&adk=3745282862&adf=1590730475&pi=t.ma~as.3758075689&w=728&lmt=1483915613&psa=0&format=728x90&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444380767&bpp=3&bdt=749&idt=340&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=3239493004115&frm=20&pv=2&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=642&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YxSfEr1dkn&p=http%3A//bitbenderz.com&dtd=354

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2342d8d16ecf9b022a450e1e6ccb4d0b55998f2c4bf35da74e8b9e338f36f8cc

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COa23cDaufoCFdSw1QodePsEJQ&gqi=3Wc1Y-jsDM621wbI5ZHACg&layout=/sadbundle/%24csp%253Der3%24/17295556043597352913/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40725
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COa23cDaufoCFdSw1QodePsEJQ&gqi=3Wc1Y-jsDM621wbI5ZHACg&layout=/sadbundle/%24csp%253Der3%24/17295556043597352913/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:41 GMT
expires: Thu, 29 Sep 2022 09:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 176ms
80ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fbitbenderz.com%2F&tn=FOOTER&cls=footer%20footer-fixed-bottom%20footer-inverse&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 176ms
81ms Image
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fbitbenderz.com%2F&tn=NAV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: bitbenderz.com
URL: http://bitbenderz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E23 0
19 B 108ms
48ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&adk=1812271804&adf=3025194257&lmt=1483915613&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fbitbenderz.com%2F&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1664444380783&bpp=1&bdt=765&idt=346&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=353

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:41 GMT
expires: Thu, 29 Sep 2022 09:39:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/ Frame 5591 14 KB
5 KB 161ms
75ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=90&slotname=3758075689&adk=3745282862&adf=1590730475&pi=t.ma~as.3758075689&w=728&lmt=1483915613&psa=0&format=728x90&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444380767&bpp=3&bdt=749&idt=340&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=3239493004115&frm=20&pv=2&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=642&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YxSfEr1dkn&p=http%3A//bitbenderz.com&dtd=354

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a55f14d6cff21ac89df2f00ed5b2e6cfc4d6f9e06e2094866f70c83320914fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 495120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3693
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 16:07:41 GMT
expires: Sat, 23 Sep 2023 16:07:41 GMT
last-modified: Wed, 18 Aug 2021 12:16:43 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B559 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBHwh3Wc1Y6bUDdTh1gb49pOoAv-91qls6anMrbgOt_zz_QgQASCpyo8IYJXikIKgB6ABvouR0APIAQmpAnS-frySP7A-qAMByANIqgTMAU_Qq3a5ohKIKQPTx9AMHid8YKqPbdVCamPJyhUJfcJOn7PWmhYdSft5eMDlOaKBEOva39K--BTcbkN6UjBM3bS3qoc5EdDvnef5Y-Gp_5Uj6o6utCQmZ7rS0z9Lf29U01j_f6uMJKffX3kqs4CySl4Uc6w5C7B2AltEH0G1wSK6yKBNwpRP67uVyQmE-QOMjcMw0oEuIxuWqbqFa7kfU36s_utnRnUCeO-sLW0eSqxmL6000sL2IhAkvzjHZikE9BjuJyeXG71L0c5SvcAEm6qC1tgDkgUECAQYAZIFBAgFGASgBi6AB-rSlTCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCsmxLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCogUAdAVAYAXAbIXHAoaCAASFHB1Yi02Nzk4MzY5NDkyMzkyMTY0GAA&sigh=6dDiHFX4qts&uach_m=[UACH]&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=90&slotname=3758075689&adk=3745282862&adf=1590730475&pi=t.ma~as.3758075689&w=728&lmt=1483915613&psa=0&format=728x90&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444380767&bpp=3&bdt=749&idt=340&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=3239493004115&frm=20&pv=2&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=642&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YxSfEr1dkn&p=http%3A//bitbenderz.com&dtd=354
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 09:39:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Sep 2022 09:39:41 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame B559 23 KB
10 KB 123ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:31:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:31:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame B559 3 KB
1 KB 134ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1735
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:10:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame B559 17 KB
7 KB 128ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:37:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B559 140 KB
44 KB 214ms
85ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 09:39:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 22B0 143 B
163 B 36ms
35ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=90&slotname=3758075689&adk=3745282862&adf=1590730475&pi=t.ma~as.3758075689&w=728&lmt=1483915613&psa=0&format=728x90&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444380767&bpp=3&bdt=749&idt=340&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&correlator=3239493004115&frm=20&pv=2&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=642&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=YxSfEr1dkn&p=http%3A//bitbenderz.com&dtd=354
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 19
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 29 Sep 2022 09:39:22 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B559 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54595d2f1522cd9b116ced2680b45ba2324ae8f01c13d569f85b4b1e8ebafeae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5591 6 KB
3 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:52:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 30 Sep 2022 04:52:22 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5591 33 KB
13 KB 130ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 04:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17237
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13218
x-xss-protection: 0
server: cafe
etag: 5545325275904357113
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 30 Sep 2022 04:52:24 GMT

GET
H3 200 1eac90116c064033660f6abc80ef899e.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/ Frame 5591 75 KB
19 KB 141ms
53ms Script
application/x-javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/1eac90116c064033660f6abc80ef899e.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0bca14c02c62bedbb67c39e7fbe9ce35ff7a5f5623011c9a93031fb2787f433

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 23 Sep 2022 16:07:42 GMT
age: 495119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19658
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 12:16:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 16:07:42 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 22B0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
58ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:42 GMT
expires: Thu, 29 Sep 2022 09:39:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 5591 6 KB
638 B 166ms
71ms Stylesheet
text/css 2a00:1450:400d:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900|Roboto:500

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/1eac90116c064033660f6abc80ef899e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Sep 2022 09:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 08:54:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Sep 2022 09:39:42 GMT

GET
H3 200 a6bbc0bf7adcea5559699818d25507fb.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/ Frame 5591 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/a6bbc0bf7adcea5559699818d25507fb.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 26 Sep 2022 16:45:52 GMT
age: 233630
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1059
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 12:16:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Sep 2023 16:45:52 GMT

GET
H3 200 5fa9a226a83a1b37805bd12888a60345.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/ Frame 5591 8 KB
8 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/5fa9a226a83a1b37805bd12888a60345.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8bb336a34fff4f0be26b9374be47a0a34e9391c9986b1ab93992f8ea8b1a281

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 23 Sep 2022 16:08:24 GMT
x-content-type-options: nosniff
age: 495078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8228
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 12:16:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 16:08:24 GMT

GET
H3 200 086be5f25a3880fbca15582e32f5dc1a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/ Frame 5591 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/media/086be5f25a3880fbca15582e32f5dc1a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17295556043597352913/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f302130151d2110be1959331968bb7fd4ec77a6ab66c9859e91bb05bb27b1c68

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 23 Sep 2022 16:08:24 GMT
x-content-type-options: nosniff
age: 495078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1820
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 12:16:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 23 Sep 2023 16:08:24 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5591 16 KB
16 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:10:25 GMT
x-content-type-options: nosniff
age: 48557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:10:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5591 15 KB
16 KB 154ms
75ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 05:29:41 GMT
x-content-type-options: nosniff
age: 360601
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Sep 2023 05:29:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5591 15 KB
15 KB 125ms
46ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:900|Roboto:500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 08:45:00 GMT
x-content-type-options: nosniff
age: 89682
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 08:45:00 GMT

GET
H/1.1 200
OK home.html Show response
bitbenderz.com/assets/ 6 KB
6 KB 95ms
95ms XHR
text/html 216.177.141.16
1P-WSS

General

Check archive.org

Show headers Download Go to

Full URL: http://bitbenderz.com/assets/home.html
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Server: 216.177.141.16 , United States, ASN395532 (1P-WSS, US),
Reverse DNS: wsspl102.websitesource.com
Software: nginx / PleskLin
Resource Hash: b0bc049b2d0429dbe131bfb3bb97f0849e076bfd77782788e075779486e5119e

Request headers

Accept: */*
Referer: http://bitbenderz.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Thu, 29 Sep 2022 09:39:42 GMT
Last-Modified: Sun, 08 Jan 2017 22:46:31 GMT
Server: nginx
ETag: "5872c147-1676"
X-Powered-By: PleskLin
Content-Type: text/html
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5750

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 185ms
89ms XHR
application/json 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220927&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d120cdf32ee6b4f71fe5b70d111e616ce4a861f055bee21d8851359892f4a9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11177
x-xss-protection: 0

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5591 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 09:39:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFC1 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:02:53 GMT
expires: Fri, 29 Sep 2023 09:02:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EBE1 783 B
535 B 171ms
73ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1b1228c38fa8159faed086888af07f50d69c5fa267b1718de4088345f905977

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yDzC8fmoUls6VXw_ST9d9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-yDzC8fmoUls6VXw_ST9d9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:42 GMT
expires: Thu, 29 Sep 2022 09:39:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame CFC1 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CFC1 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?DT-cQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBE1 0
0 79ms
79ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220927&jk=698807452566&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 127ms
49ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bitbenderz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 120ms
47ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bitbenderz.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09E5 76 KB
31 KB 633ms
633ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61c1617813ba03daefa428af04112115579f06387d14d1a19f2b8e71e140a6b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 31996
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4EE4 77 KB
32 KB 791ms
790ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79664849785e87dbc827c1468867726cf8d253652a283b87bafe88e77a51c342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bitbenderz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32328
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B559 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukmNioVeoPfHbK4eyqccSfIMrrpdNd1udJcjNgQgfy3jqwcMLC2ka71OykW5asA_W1iVaNcCWhx31mHlsaeccPc9yG8bu1z7Z15bNifg2Sq0G2XuEXULDpWEy0IyETj-MXSR_ByA&sai=AMfl-YTnXbxM-NbBNv9CZxZL7gMbZI_JMuXxl2Xcgy575b-jj-kzozT8oxFhVz_F8epWi4HTcw_aRV1eRzq00Ac&sig=Cg0ArKJSzI6oXGxeybocEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3745282862&rs=2&la=0&cr=0&vs=4&r=v&rst=1664444381123&rpt=938&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
83ms Image
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220927&jk=698807452566&bg=!OjmlOX3NAAYIxsuQKMY7ACkAdvg8WnAR44__4-pEB54n-yN8WKTvKhJio3gebp-1Hwpoyd16YwtrsgIAAABZUgAAAAJoAQeZApw7F44VRqPa-yzVNj86hHZUiurC4WIqzZ520W3umKxRrqCmecp5yTYUZEYgoGg--LSli-SbK1UhDo18w0Gpgh5xGiJDHct7nxgD7SAE-Rqtx_7DFKDq7oJlwbABF5qU_6iFK0KTCWEFE5b9Ct2zAT9VkWKihXadRk9hyT2HmwKY187FEnaVgp6bOsfJSqzfNXDzCHn8oG2Rtqb7fJB6AgwdTR8UUNGCZWQZ_J_Dy0SbYMyEPoMDGbX7fEe66wDVcNekuXHFnejpUNrI3bjqyx-TERvfyxxSoczxMM4BlkzEy4cV3XqullyfwqcrSWQkI0QPZipN1uFEieIPKIbS4dzniP-WYK6OM9qE3GJdzLr6UHfrCs_ROD0M-qTw74eHwGgTEV3t7G7f-d3L1x-n1VO7geUMhAoyFbRBYKc7dfxBTA1-_w-fDCQHSY3fs7aZ9FCbilM4akmzPxfeIbJPwCsxUgg7Su1ADH2wzOZcyNkjM7V0Ni5uPKno8ipxTpXBX6BAS9YOMtxf-VrvwfIenLyfyUvabSQsxwtgseiMBAQ-beGz7bye5omq7itqv-BsRHTO_bDWxmZIyEOSoXP86JpvqwDvd9rfXel_M340sT9akrj1DiYw4jLotFwgFU2rk2VOOgoCvCxtA2mbTx9x_hXe3opSMW0RebEqNwQt9LzO8HP11p6pJf4C3dFmgs7tdmkljUyPHaelgVB0FkN3qK3kIXuLkeZ5pDq4PIVSheDnZZoQpwUyy5IueFIxnp9ECSmmL2RWChysjECwHcaOspfUSHOKXdd98i5gR0xwxu-AHM1AYBhCWrMwpn1ye2y_K5v-QK2FmM1NQyexcp7uhdAjlf7VY_m206JhOeLnxq_Fgramt8eX_DZk2LNlug
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://bitbenderz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 2099054794797501070
tpc.googlesyndication.com/simgad/ Frame 09E5 93 KB
93 KB 40ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2099054794797501070?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qklTYL2wZuQ3nICVJ3w4JDUCyxURg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5e323ff3183531198a6459eb1755b1f73c5a4e752e8a4e2621c73ac97fa34bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 05:39:39 GMT
x-content-type-options: nosniff
age: 187204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94726
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 10:23:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Sep 2023 05:39:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 09E5 23 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:19:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 09E5 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 09E5 17 KB
7 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09E5 140 KB
44 KB 218ms
114ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 09:39:43 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 09E5 32 KB
13 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31b667b70b2753bcbffa65bfbbd0120ce3d37cace0bb6b26fb41e91508064e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13614
x-xss-protection: 0
server: cafe
etag: 13013221327992996047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 18:25:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 09E5 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cj66Q3mc1Y7fKPNi5YL7ov5AB6tj41Wy26ZTGsBDa2R4QASCpyo8IYJXikIKgB6AB1viW1QHIAQKpAkpgYwhhQLA-qAMByAPJBKoEzAFP0Gvp6_oc42pTNPZyxbkCIvejFcJ-Cp0Cfhpt2uQLOIvSAQHkvEjc9QC5_5wuUqqtPMQj-kD9CgP5iM7PVi2ucGMbqZlqXnY3U7H5E4eFc4erwACQwlyQ5V98-AZ5o_wIAOTZSTJLp-ILuDreuNKAvHc3R5Mx1rFz-zlP1Yp11C0ZEfKaOQ5HUEbVsFbg6vWQ0wwuEgX2TTjMRxlsVdEvZ85enuASYW-Mr842CLQbTb9BOhvcCU3JLBlL3e9O-BnWtxwEWX05Mcb1IPTABIy49fyQBKAGAoAHnMK3BagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKe_OtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTY3OTgzNjk0OTIzOTIxNjQYAA&sigh=4_RNoUhkwR8&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 09:39:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A34B 247 B
962 B 141ms
46ms Document
text/html 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

01759ac776f701733c47ed5c672218e0e0cf146fd6fc2c11f5f8fd16b797cd66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 204
content-security-policy-report-only: script-src 'nonce-lrvIhcJwwViF_NLvYE3yOQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F632 1 KB
749 B 47ms
47ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 30 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 09E5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba4e8695a0ac4abccfe916e44a8358356a9a1a7f39dbe4c36eabc529c136b42d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame F632 35 B
464 B 35ms
9ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECDB5iaRXs42BiIl64VXszc&google_cver=1&google_push=AZmPxg9x5y3utSFNjzEbzhg-6Rift02TnQN_GC67CKzfGdG7u2x-01BUQB4FJ63Fb9djyzQSx6AM2SPOHaH-3aBVgGiVwwwNJ-G0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEpIrLGMYmjLaYGJETTrpw8&google_cver=1&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi&google_hm=Q0FFU0VFcElyTEdNWW1qT...

170 B
232 B

142ms
70ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi&google_hm=Q0FFU0VFcElyTEdNWW1qTGFZR0pFVFRycHc4

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Sep 2022 09:39:43 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AZmPxg_rLTJdQKiGXfYb73jiMC2rCqGL4L0xNAJ3ankPtDi3Ed6kdmATySFqhJNRsf3DiDaxVsNIxr03V5uRktgLwTz1g7Kkipvi&google_hm=Q0FFU0VFcElyTEdNWW1qTGFZR0pFVFRycHc4
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame F632 0
98 B 133ms
38ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9vNPv0mdf33C0p-szsWJsq1rp1a4f6yGqYW5vlw3EDhD1Mmn1VNh54D_N_qWpSDxu1dPpvbou0NoMw7XAUd1Kro3RSYmud&google_gid=CAESENZEQB0ylmfsZb9Da86G6M8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame F632 43 B
350 B 114ms
40ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPDx0sDkFLyPpki3Fz_SfwM&google_cver=1&google_push=AZmPxg8YiWCh8r6UeCA0JsoVMc9dpGHB3-5oQi_CW4zZLewoGtjKv5-fQ7tjYs7gU7dY4tiuzsB0H3dSPUNa_5zEOHkr1KEPP6na
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ptfimhe2s4sngbc7gc4omop5inv0cps5

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame F632 0
166 B 85ms
16ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENGBaauYAtsA4kmIBDemGQQ&google_cver=1&google_push=AZmPxg9MaAU0Vr56ImpyE7_Tb8wuLsvYO2mIyinWFpIvfmP_DGtIltqxQCh6OfIP9WQOXBD9pBfFQdZRSOK--L2ekq2yVEZUZTK4
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=7989516889&adk=3550170672&adf=2033689419&pi=t.ma~as.7989516889&w=300&lmt=1483915613&psa=1&format=300x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2922&idt=-M&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=C6fIvoivs8&p=http%3A//bitbenderz.com&dtd=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 29 Sep 2022 09:39:42 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMG8tuai6LYrIKSQjg4OZhY&google_cver=1&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUy...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdMWkctOS1DRzZB&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUytIYuklhnL18rc8o5NzL70951E

170 B
329 B

132ms
69ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdMWkctOS1DRzZB&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUytIYuklhnL18rc8o5NzL70951E

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdMWkctOS1DRzZB&google_push=AZmPxg_oJ64ObRTRRlV-nxcWAnL72nVBEFTZCdjeuPZoX8owGHqAlKUMexpLA58hAnuyaAhjSUytIYuklhnL18rc8o5NzL70951E
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F632
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQeP...

170 B
232 B

72ms
71ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQePVZTVDx0ZJnfnx1wX6Fo-O7OOt1jNFiKRoK_0n7-jdU_DSm50bwIK-ADbnqvVjU

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F%2BilJDEGdPXoEdebYGz0bxIVYxMCbr4bha%2F8loCJFNp4tX8PPctZOW71hcdzO%2FbK3jtoB2mqnu8mcJhC%2BVUWVwXh5ZjQWVZNDIpITt%2F6386iKBzW5X7dGKZPqrauSGAxHZGcaUM544UsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-D47tIDMCXnE1mAH7iW2cAzQcIOqQePVZTVDx0ZJnfnx1wX6Fo-O7OOt1jNFiKRoK_0n7-jdU_DSm50bwIK-ADbnqvVjU
cache-control: no-cache
cf-ray: 7523c0d6ab6bbbd3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F632 0
223 B 198ms
65ms Image
text/html 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LaAsoT3f5eFOQE0JitMcLuN28bxMk5Wdik2tBg4qtmTDlf2aQsKOi3BoOprfcz7cERK47r

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 2397699116797666917
tpc.googlesyndication.com/simgad/ Frame 4EE4 54 KB
54 KB 41ms
40ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2397699116797666917?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmj05Ou0Yfrc8m_K5SvIW0M25jn1w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

432b919c61f9f62efb4a131e94c3a34a8f79a2dfeb8fa1b434ebc89a091f7f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 06:18:34 GMT
x-content-type-options: nosniff
age: 184869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55188
x-xss-protection: 0
last-modified: Wed, 21 Jul 2021 09:51:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Sep 2023 06:18:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/ Frame 4EE4 23 KB
9 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:19:20 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 4EE4 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 4EE4 17 KB
7 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:32:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 Oct 2022 09:32:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4EE4 0
0 71ms
68ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgvXemKyK6qT8fB2LEiCXTxZel73izA1fintR8_PSKOSItje0WzSu4lda3Z7nVA_PUQe33TjAdY70xzMxGsPJdi5bMKg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EE4 140 KB
44 KB 121ms
119ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Sep 2022 09:39:43 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/ Frame 4EE4 32 KB
13 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220927/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31b667b70b2753bcbffa65bfbbd0120ce3d37cace0bb6b26fb41e91508064e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 18:25:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13614
x-xss-protection: 0
server: cafe
etag: 13013221327992996047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 18:25:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4EE4 0
0 81ms
79ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2oCv3mc1Y8rPPNS5YZ7et4AO6tj41WzW75TGsBDa2R4QASCpyo8IYJXikIKgB6AB1viW1QHIAQKpAnS-frySP7A-qAMByAPJBKoEzAFP0OJAHxYXMxggeDG1a3xdj3ULo6XDrV0ktWAOMIfZ5nWWoXmvHuXWT5xpVFa-IqttEWVwGjC2ZsnR1Xz_H6WBST4GPOEuAbq8XpqjEkVs9dNip1CXFFNCQJPIFYzbDCzKge_1r-DLjWlexlsB-QIA4W7uYszGnGyEJXh-vgqIHLTR07_BgT1Ae0E8mjxq0oY2ueJ1_mf2Q_fZvzDLqq0KaL_opANtE_Gr2o8FNlm70rlqtNmxw5gQDuOkpnKzNG_ILcPiEyi8VHlJIMrABIy49fyQBKAGAoAHnMK3BagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMyQOtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMD0BUBgBcBshccChoIABIUcHViLTY3OTgzNjk0OTIzOTIxNjQYAA&sigh=0JHhrao1RsU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 29 Sep 2022 09:39:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame A34B 4 KB
2 KB 118ms
44ms Document
text/html 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f3.1e100.net

Software

sffe /

Resource Hash

53f7f7e0a7ea23a4eef988ef893862718001eb57919e4234dd11bc8a620eab8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1862
content-security-policy-report-only: script-src 'nonce-EBEQk02RoIctqvu0xl2urQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 09:39:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CB73 1 KB
749 B 49ms
47ms Document
text/html 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7751
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Fri, 30 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4EE4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c815ef53f57085cf65797bc6e68404c30989c462adb667ade3ccb47351b18ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CB73
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECDB5iaRXs42BiIl64VXszc&google_cver=1&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x5-PBGbl_L0erw0Tr-AVT_Zowac5THOTn3WUnAKXv4&google_hm=rn7x6hNKTrDY1...

170 B
232 B

72ms
71ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x5-PBGbl_L0erw0Tr-AVT_Zowac5THOTn3WUnAKXv4&google_hm=rn7x6hNKTrDY160_ItwJew

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg8gREajMWNjlQ1nvI7-hibhkuBSGk4ZMpD9ujHuX4fKKsvkn10A4x5-PBGbl_L0erw0Tr-AVT_Zowac5THOTn3WUnAKXv4&google_hm=rn7x6hNKTrDY160_ItwJew
pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB73
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8D3e2f...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg8D3e2f...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjkwOTM5NDQwMDA1MTI3NzIzMTI3OQ%3D%3D&google_push=AZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YD...

170 B
188 B

72ms
72ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjkwOTM5NDQwMDA1MTI3NzIzMTI3OQ%3D%3D&google_push=AZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YDgMpb85Q_LwTmtjjWf-O4IUR_uAeXs

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjkwOTM5NDQwMDA1MTI3NzIzMTI3OQ%3D%3D&google_push=AZmPxg8D3e2fFpQVaiU4f1A1iIxzC-hCnfN-2qfvs2mOjTTO6XAX5FlTUMJcFrvD5Xm5YDgMpb85Q_LwTmtjjWf-O4IUR_uAeXs
pragma: no-cache
date: Thu, 29 Sep 2022 09:39:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Thu, 29 Sep 2022 09:39:44 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame CB73 43 B
64 B 75ms
41ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPDx0sDkFLyPpki3Fz_SfwM&google_cver=1&google_push=AZmPxg_PRnQWs9eA24XzHrS2LHvTaAJFFvtXidW1q9nZc4iA25DZGxGEJomAPvjC2AJXFyE5yImDvPIgNnBczdvT9fuWxFvMMrE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cassf06f45ugsj3dh13732at72mid80j

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CB73 0
41 B 18ms
16ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENGBaauYAtsA4kmIBDemGQQ&google_cver=1&google_push=AZmPxg-sQSoxiHr7ps5wVYTI28ZhihLHVo8Dn4amnftMbNgTpBkMcjx8iUtT92FH1exXg9NH-4zbSEfvkkDT5Kb-I4msEnW_6O8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6798369492392164&output=html&h=600&slotname=9665008489&adk=3575758226&adf=1877909164&pi=t.ma~as.9665008489&w=160&lmt=1483915613&psa=1&format=160x600&url=http%3A%2F%2Fbitbenderz.com%2F&wgl=1&dt=1664444382940&bpp=1&bdt=2921&idt=1&shv=r20220927&mjsv=m202209220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0834d9717d570525-22d6a49c32ce0015%3AT%3D1664444381%3ART%3D1664444381%3AS%3DALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg&prev_fmts=728x90%2C0x0%2C300x600&nras=1&correlator=3239493004115&frm=20&pv=1&ga_vid=170125634.1664444381&ga_sid=1664444381&ga_hid=1538657534&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1206&ady=228&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C42531706%2C44772922%2C31067825&oid=2&psts=APxP-9CP8N9hs-eOYIE-Z0js9C8FUUE53ZS-ic4h_2-udr9pyS7mXMKHcIsK3lpPOZirpmNc_UXdbVIVzwebnA&pvsid=698807452566&tmod=562480452&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=WB88mxYwGa&p=http%3A//bitbenderz.com&dtd=10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 29 Sep 2022 09:39:42 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CB73
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMG8tuai6LYrIKSQjg4OZhY&google_cver=1&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdNMzMtMVMtTTJLUA==&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12tqZlba8USDPATV8KXFQrn9w

170 B
232 B

73ms
72ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdNMzMtMVMtTTJLUA==&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12tqZlba8USDPATV8KXFQrn9w

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhNVjdNMzMtMVMtTTJLUA==&google_push=AZmPxg8--TL9idjp9HlbdnU5enm0SGMGXdjXHIMiNO1DH83vRi72_IDx4wRNZxRhy54P_-9ir12tqZlba8USDPATV8KXFQrn9w
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CB73
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-NF89dr1fWHa3nRHmRpRFg8FBzeTtu7...

170 B
188 B

167ms
71ms

Image
image/png

172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-NF89dr1fWHa3nRHmRpRFg8FBzeTtu7vIxxVgowyCz_3Q8hGzLNuCsH4uUcj670rwDSaoaoU8iaV-GNTHrYsgibuv49yc

Requested by

Protocol

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0lQwpkgFlEuT7NbLl8HJdC6gJHdyI00yUFHTDGDH41rNGn%2BgjlxPn4VvcCOLWzHChHjhqEd5m%2B8v%2BWoxaiHpaMdIDNSMwyd1QG76I9R1fHC%2Fj4JXDyv6Me%2FrsaTEC%2FBGRsoclYfXLYWNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB-FjbkQJeHJ26mm7Pu3qg8&google_hm=YzVn3-wJ9Sewh46aaHDGPwAABKUAAAAB&google_nid=index&google_push=AZmPxg-NF89dr1fWHa3nRHmRpRFg8FBzeTtu7vIxxVgowyCz_3Q8hGzLNuCsH4uUcj670rwDSaoaoU8iaV-GNTHrYsgibuv49yc
cache-control: no-cache
cf-ray: 7523c0d74d2bbbd3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame CB73 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CB73 0
40 B 70ms
68ms Image
text/html 172.217.20.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KMf4DfFPIQVA6uj1CrNFrDHmHMmkKtznObfMeHTPLFe40Emx0V33rkGYz7AmyFjY4YJRxD_Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.20.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s28-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 09:39:43 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A51F 36 KB
16 KB 48ms
47ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1E22 36 KB
16 KB 52ms
52ms Script
text/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 00:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Sep 2023 00:38:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 09E5 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu_SPgJtkACQjjYaicEU2UsJz6waAXcQ-4HW-i2vA07vDFJAEE3ss0qrvV38fod4wIeJlV1gcvFeasAwgHlz-6h8UePpKGWE4YTtu65verXsMV1F-Olre9DIZGUgZ-M0wgtWyxk-UXdn_4-V8UqO-yF3osGqNAGSO0Th8FYSW2JIcJFAzXD7R8hcqDteXV51YJmAHtlM8saWSLG02-cS6BS_JdS7TQKHh1AMGnoCWZ06OvozZ70CXBThGzn4X4p_CiEd7Xb7LucirtBLobEJ_8BLYUAsDftcp141X4bTShsiRN0Yn4el2WD6VA2YVFxYR3PAcLKA9CejJ5f3BDv5Fjm6gpg8LPTPqXNhzUgwOQfS0eja7YQVDwZN68RLXasPYXWW9-pbvfyLRJjzm3t6cLPyG52neDCYoH_PDHDNBT-Af96psQlq2Br_zddq0dP2exJjTIXWnjEszA4e7YOkS2hvvAlGG4OsfSZpyr-t3vp1243BHj7Fkw-heqILIDZ6gNW_sUB_j8F7gNE51-yHNcsfXrYS4GjfsRQYMrQeEezuO3ErAS1F4cAsQbfg72Os2BIpmGnmT7-IZXFY7kYjCBsZg8QiFZJERRDNDlZAHq3csxPkBQMy-sx5-aJZiKRBWL1HaFkIOZa1cW0OJbj50_jjJ7vDu2itamq_gwrysvbcsUmwuDa6dcqsZfYPMsPEtizRunXSe1IRIoUFSPIOn7wUeJ4Kz6_47e12_MXfJtNGBBJHWA0EQkPZiSKAeUosATAekFQo8gSV8r3xXd3CM2zaZK3ibcAKe-GxlXtg-10mvV26_gQ7oZ1UqwsRykWeoFYCxJN4gvAXRELTD9iO7RQ1oJUTBZ7vi4c8CNFXUnwI34UWVaa0BwoEelPQ0gnESFbYD6iNNUgzNyQduOBKAJdYZ_XP-bTEGAzeP-VNHxyGJdMamOPuAr-sjfgVN3TTUsq3dNP&sai=AMfl-YRchClc53ZXA0GrKFapd4hcmIkgS2_hI1bFBzOKcHL_sHEkyl9iUPR9xvPvDGYrOFVs7NLkOxehE-nDOgv7h_dRy0bNkspcxnBzizAd6u9-4ScMW_RAeRXFUYgxtvFo7Mt107YCK0zYew4&sig=Cg0ArKJSzC4lrLBUAlwTEAE&cid=CAASF-Rogfyac76lFOab7_A349y3qvBeClic&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3550170672&rs=2&la=0&cr=0&vs=4&r=v&rst=1664444382948&rpt=923&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4EE4 42 B
64 B 94ms
94ms Fetch
image/gif 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4Fo2vW_XErghVpJ2y3j3dMvM0kc57GTt9wtmt8CczX9OjPtEbNnc2so5iPuFjaEsuOkdRfYexWO6lBIKFkdc7Xqt5IdxcQDYwtz1acVzLqCwVTsLo9mZ0QqamKWo3WVY4vbWYBUL1U7cH3UsuFOo5NsLDYETAw72aVftMb0XVvDDnD76dEC6gW5rZTwLCxCxQKUoUWKbKFQLnD4vDFnlAGHMx_2f-FYnkT9GN9VF3G-tgEoPLZGNkV8bT-kRr9Yjq5hBVV__LzBuKZR8ZtJ38CeUHqvDIcfJhwc5OXExsEg2QH7qsdbpSs0gokctmpOlqc4z6euzHYEsDfu4oT0iuJNCNg-t3HVrpLgsIL84cXVsYlxtkjVpYFQTy_29yW4bWuaCiKRD1505Qu7bcG2RFBS9aBCtysIdLI8U1TOsp-oJLvgYfAYKTnjc77Sgy5AZwmK2tLeIVp4PhCUhWfiQV8jndtbSegXiM4QXnJHb97B7_5CMIZMfxEFLmDQR1qIylq4b9hVhLbn0X7fbepVjlgTIyvBl0_iIfdORzNUs_qJ489lB0yQNdPSTE-cQtac5CJrv_6XA2k6nlMCIPoMcxOWM1EhIiVN6eN1hx-pT8BeBi4BngFWaPvsUsVVoslgiMWE0K2XNTGw0EBsZ4xQCNRzTqfyXrU00BFepzjfOytugA2FgEDECveVCXkjNJdeKwVDZDOzLMtA659ulXeN8Dm0Pz8PcoXr0IKnt9qBJd6iTPDQg2uiE5NWYdCyQa7N8h32BvXzDRoUpcpt4k-Xg-gVDMkA_uDM3W0s_aLQvXs_zumdPHmNHF-cXw3o34lpnUFHOFv1EVxkbnR2KW_R7yJ1GR1rCdASqiQLgHe4cNIWP3iq3UBX01prfApta2EoYw3kVe1jk6oTLVc9IHba1RyRdTpPNUzmcOFliwKv5kERIRyuWXmXGQ9B1WTkXrpM7Qngsa&sai=AMfl-YSPv_L1o8sgqJ4p8atQ9FLHIEXsI_xIUdwXAdYbq5dw4OZmpZX219S2n_aW5iLEB305uvYNJE4MYuuxTK7UOzWBmgQHw9GJBulmYHSPMixMm1cKBzJ65Yi-Ccsv9okrKKcHF513bx1_Jxc&sig=Cg0ArKJSzFu7o7OPPbsXEAE&cid=CAASF-RoX2HUIGC2-onBwPv9ppc5qGNJzLJx&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3575758226&rs=2&la=0&cr=0&vs=4&r=v&rst=1664444382951&rpt=977&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Sep 2022 09:39:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFufuX5J1IXuICjF4dlR0mc&google_cver=1&google_push=AZmPxg8DQB3PTyPNJAVnlRUFhy-6YpY7mYaAxQqsmEN7MFZFcPiVsgGfDHL5ate9hZgIh-L4SsZFIRAFghlsYd18T4tTwXwaUhc

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bitbenderz.com/	1970-01-20 15:42:20	Name: __gads Value: ID=0834d9717d570525-22d6a49c32ce0015:T=1664444381:RT=1664444381:S=ALNI_MZLMMQ-LmmOAyHpi9_A1WEx-P5Rxg
.doubleclick.net/	1970-01-20 15:42:20	Name: IDE Value: AHWqTUm8We9f2D7ibzIeUZ2h6HajAzoJC7XCbeCoWUyu7e9IOkudFEIZwrvxAZtd-T8
.doubleclick.net/	1970-01-20 06:20:47	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 08:30:20	Name: d Value: ECQBCQGbJ4EA
.quantserve.com/	1970-01-20 15:50:58	Name: mc Value: 633567df-b07e9-27309-a0aa8
.agkn.com/	1970-01-20 15:06:20	Name: ab Value: 0001%3AOTwljr0s1S2NCi%2FS2NHgxyjvtSm5Qcyz
.agkn.com/	1970-01-20 15:06:20	Name: u Value: C\|0CEAqyCRfKsgkXwAAAAAAAQ13AQCAAQpAAAAAAA
.casalemedia.com/	1970-01-20 15:06:20	Name: CMID Value: YzVn3.wJ9Sewh46aaHDGPwAA
.casalemedia.com/	1970-01-20 08:30:20	Name: CMPS Value: 1189
.casalemedia.com/	1970-01-20 08:30:20	Name: CMPRO Value: 1189
.casalemedia.com/	1970-01-20 08:30:20	Name: CMTS Value: 5154
.e.dlx.addthis.com/	1970-01-20 15:50:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:50:58	Name: na_id Value: 2022092909394400051277231279
.addthis.com/	1970-01-20 15:50:58	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:50:58	Name: uid Value: 633567e07d9a3ac9
.addthis.com/	1970-01-20 15:50:58	Name: ouid Value: 633567e0000169c9d5b4186206b383008010b81f6398438c6cbc
.dlx.addthis.com/	1970-01-20 07:03:56	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:03:56	Name: na_sr Value: 20220929
.dlx.addthis.com/	1970-01-20 06:20:44	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:03:56	Name: na_sc_e Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg9vNPv0mdf33C0p-szsWJsq1rp1a4f6yGqYW5vlw3EDhD1Mmn1VNh54D_N_qWpSDxu1dPpvbou0NoMw7XAUd1Kro3RSYmud&google_gid=CAESENZEQB0ylmfsZb9Da86G6M8&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFufuX5J1IXuICjF4dlR0mc&google_cver=1&google_push=AZmPxg8DQB3PTyPNJAVnlRUFhy-6YpY7mYaAxQqsmEN7MFZFcPiVsgGfDHL5ate9hZgIh-L4SsZFIRAFghlsYd18T4tTwXwaUhc Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
bitbenderz.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
maxcdn.bootstrapcdn.com
p4-djetnlqqeu2oq-zh67n23jwhyaq7ox-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
ssum-sec.casalemedia.com
storage.googleapis.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
googlecm.hit.gemius.pl
104.18.19.126
172.217.20.2
185.64.190.78
2001:4de0:ac18::1:a:2a
216.177.141.16
216.58.212.131
23.7.201.234
2606:4700::6812:bcf
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2010
2a00:1450:4001:812::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400d:805::2002
2a00:1450:400d:805::200a
2a00:1450:400d:807::2004
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
3.124.130.212
35.227.252.103
35.244.174.68
69.173.144.138
0021fcf6011bbb68d059ae5ebda2cc09c8bee217a8b65868072cd991b8e5e564
01759ac776f701733c47ed5c672218e0e0cf146fd6fc2c11f5f8fd16b797cd66
07089d769007497428554bc6a43dfe4154c45600615da9a650744bbeb73eed0a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5809f2bae01d0edd4f4b02b86ad374709469748539a4d43cb9377043086fd5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
187eb517154bbd2784cee91f411f0e7147c894240b9667a7b4540c2e8e2d9231
1a0d5758fe9b99e5702efbc4bd12a0410e9a3a64df7b18f116c2b3b8645e8507
2342d8d16ecf9b022a450e1e6ccb4d0b55998f2c4bf35da74e8b9e338f36f8cc
3c815ef53f57085cf65797bc6e68404c30989c462adb667ade3ccb47351b18ba
3cd551427b9abcd1774e89dcb1365fca219e909db743428734051e6f3a8d296b
3e95784d220c2817b2704de61fe66ef9bff7ec42250ee228640485a7a70eaf24
42909a49eebfdc079a43146884608b6f25beb20acfc7b4ff6cdb044a74427ec2
432b919c61f9f62efb4a131e94c3a34a8f79a2dfeb8fa1b434ebc89a091f7f9d
4d564c192a11fdf0b9788c3321b0596c82bd6632d51db2dbad2f83a4ffffe4b6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53f7f7e0a7ea23a4eef988ef893862718001eb57919e4234dd11bc8a620eab8b
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54595d2f1522cd9b116ced2680b45ba2324ae8f01c13d569f85b4b1e8ebafeae
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
5a55f14d6cff21ac89df2f00ed5b2e6cfc4d6f9e06e2094866f70c83320914fe
5be139c04bf717102c3528f107eaf4586da106b2b2d6cc74c786a498ee7bb532
61c1617813ba03daefa428af04112115579f06387d14d1a19f2b8e71e140a6b0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ecd1d468c9b76bab77470c74f4c63e6b422df795600fa8343c84e9d2f4a1ab
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6dc14b613b023825042f3c8303483d692ee256a876bd69fcea2b6ee9cf5a4332
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70f20ae868ae59c06d1c20102c0951c5fcf99bad8f585ae4285bc95891e85a32
79664849785e87dbc827c1468867726cf8d253652a283b87bafe88e77a51c342
7b3e9ad12f345cceab425a7d83b8c451fcfe4ebf6ca1dc2593eab221895724b2
7ca029bc931ba99c7e0f45e0f3f5b5e7c56be794cca70964245ec1afdbc40386
7dfe15baeaf8698ae6d19380102fe67b52c139c89decf279a0ff71c6f27400a4
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
94217ee7990c505fb77ceff70625ee8b87a250a7109adafb79c29278b543c484
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
95696eb248f94b610e3d27b47c5f2232d8f93828291f3e95424b55260f59dcea
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aafb3ee79dc18d6ddc6b5c5503dc051c6e89d25a801b243cd4310ce7e0eac5ba
afaa74cb8c7aa9d77e2fc0fe000be821fadfd253928644d972b6a4c3dd7dbcb5
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0bc049b2d0429dbe131bfb3bb97f0849e076bfd77782788e075779486e5119e
b0bca14c02c62bedbb67c39e7fbe9ce35ff7a5f5623011c9a93031fb2787f433
b1b1228c38fa8159faed086888af07f50d69c5fa267b1718de4088345f905977
b3bf58195937f7a27fa36f62584f1a81c3d11191c7a0e19a7b4ce17ab6351ac4
ba4e8695a0ac4abccfe916e44a8358356a9a1a7f39dbe4c36eabc529c136b42d
bf4d221ddef7234ed2abb263a64c0bf2ca5ca334a13640b1d95ff9b31bb552d1
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c8bb336a34fff4f0be26b9374be47a0a34e9391c9986b1ab93992f8ea8b1a281
c9da0c33940229054acecf1574acc71934db9ce5915638b3cd717a0890ef5142
d120cdf32ee6b4f71fe5b70d111e616ce4a861f055bee21d8851359892f4a9bf
d1bacd17873c96bdbd350c12414feaac6d0b8cca24bf7c7a76fb2adca4da029a
d332af929a6d215587024f0f47db2356af610f5278cca2088be92d6571ed3c17
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d5e323ff3183531198a6459eb1755b1f73c5a4e752e8a4e2621c73ac97fa34bc
da705a417408b00803cdc4191cab1d9faa4ad258f2ed6a7b984e354f289ab963
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dba48be1c888b9d3aafbdb4988b38887c8059f881f30dd2d2634246451bd4925
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f197bbf284b0e8fb2e431c341fae4bc7a2e014a1230470f2b6e0e07f29f4bf
e7e32048b7ad787df7fce9871693ed646c4d283dbf1bf7672a21d81eef817756
e9e7a339f40066fd509d412506a90c5083cda8c4d4883772ac948f12709077c2
eaa466ee89bab1576d1ce7c8bd0868d3959d149cf7f3d1bb1c85e927b6869e23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f091777eb832f5e8a0b6ae923d012341f40aef70af45f2fcae8d26252fd0573b
f1e1468cef7a7583160dc06f2929bd3b02d827f298aaff379287a001fb819230
f302130151d2110be1959331968bb7fd4ec77a6ab66c9859e91bb05bb27b1c68
f31b667b70b2753bcbffa65bfbbd0120ce3d37cace0bb6b26fb41e91508064e2
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
febe8a7bfa5885ec195c5e6cfb6a9b1b3b27890a2ec586329771948f8e98c1dc

bitbenderz.com Open in urlscan Pro 216.177.141.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

115 Requests

63 %HTTPS

60 %IPv6

20 Domains

26 Subdomains

22 IPs

7 Countries

2201 kBTransfer

4007 kBSize

20 Cookies

7 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bitbenderz.com Open in urlscan Pro
216.177.141.16 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

63 %
HTTPS

60 %
IPv6

20
Domains

26
Subdomains

22
IPs

7
Countries

2201 kB
Transfer

4007 kB
Size

20
Cookies

115 HTTP transactions
4 data transactions