biiut.com Open in urlscan Pro
104.237.2.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://biiut.com/read-blog/55557
Submission: On March 15 via manual (March 15th 2023, 4:21:57 am UTC) from IN — Scanned from DE

Summary HTTP 158 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 9 countries across 35 domains to perform 158 HTTP transactions. The main IP is 104.237.2.51, located in Dallas, United States and belongs to NODISTO, US. The main domain is biiut.com.
TLS certificate: Issued by R3 on February 7th 2023. Valid for: 3 months.

This is the only time biiut.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	104.237.2.51 104.237.2.51	394727 (NODISTO) (NODISTO)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
16	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	38.146.40.19 38.146.40.19	395717 (BLUEARCHI...) (BLUEARCHIVE-ZONE-1)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 25	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
18	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.78.222 139.162.78.222	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	3.67.240.173 3.67.240.173	16509 (AMAZON-02) (AMAZON-02)
1 1	20.127.253.7 20.127.253.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1 1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	70.42.32.255 70.42.32.255	13789 (INTERNAP-...) (INTERNAP-BLK3)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
2 2	52.208.99.252 52.208.99.252	16509 (AMAZON-02) (AMAZON-02)
1	52.192.206.43 52.192.206.43	16509 (AMAZON-02) (AMAZON-02)
1 1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
158	25

32 104.237.2.51 (Dallas, United States) 1 redirects

ASN394727 (NODISTO, US)
PTR: shoppingvalue.net

biiut.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 38.146.40.19 (Malden, United States)

ASN395717 (BLUEARCHIVE-ZONE-1, US)

s3.us-west-1.wasabisys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1558-222.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.240.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-240-173.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.127.253.7 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sync.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States) 2 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.99.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-99-252.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.206.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-206-43.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	466 KB
32	biiut.com 1 redirects biiut.com	1 MB
29	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	235 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	211 KB
11	wasabisys.com s3.us-west-1.wasabisys.com — Cisco Umbrella Rank: 82468	216 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	5 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	194 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8720	818 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2213	793 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 530	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 575	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 515	69 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 354	949 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1444	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 754	15 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1283	456 B
1	bluevoox.com 1 redirects im.bluevoox.com — Cisco Umbrella Rank: 12904	523 B
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 5545	44 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 823	498 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2828	1 KB
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1500	173 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 736	719 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 408	1 KB
1	inmobi.com 1 redirects sync.inmobi.com — Cisco Umbrella Rank: 1589	713 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 706	340 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 15731	559 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 31897	611 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	593 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	87 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	44 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	44 KB
158	35

	Domain	Requested by
32	biiut.com	1 redirects biiut.com
25	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	cm.g.doubleclick.net	googleads.g.doubleclick.net biiut.com
16	pagead2.googlesyndication.com	biiut.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	s3.us-west-1.wasabisys.com	biiut.com
8	fonts.gstatic.com	fonts.googleapis.com
6	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	biiut.com googleads.g.doubleclick.net
5	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	match.360yield.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	match.sharethrough.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	dsp.adfarm1.adition.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	unpkg.com	1 redirects biiut.com
1	trace.mediago.io	1 redirects
1	im.bluevoox.com	1 redirects
1	cc.adingo.jp	googleads.g.doubleclick.net
1	sync.go.sonobi.com	googleads.g.doubleclick.net
1	a.rfihub.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	um.simpli.fi	1 redirects
1	id5-sync.com
1	sync.inmobi.com	1 redirects
1	onetag-sys.com	1 redirects
1	a.c.appier.net	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	connect.facebook.net	biiut.com
1	www.googletagmanager.com	biiut.com
1	cdn.jsdelivr.net	biiut.com
158	39

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
api.whatsapp.com
pinterest.com
www.amazon.in
www.memoryfoampillow.net

Subject Issuer	Validity	Valid
biiut.com R3	`2023-02-07` - `2023-05-08`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.s3.us-west-1.wasabisys.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-04` - `2023-11-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-22`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-02-12` - `2023-05-13`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://biiut.com/read-blog/55557
Frame ID: F6FE39FA0C8294A2F3F34A45F4A13FFC
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html
Frame ID: FCE38CFC932716A8610B108F79AC1B4F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&adk=1812271804&adf=3025194257&lmt=1678854112&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854111902&bpp=7&bdt=1470&idt=188&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=760388147631&frm=20&pv=2&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219
Frame ID: 822D1D6BE2837B3FC8FEB55A207E4698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8
Frame ID: A5C12983B9D4FF5BBCBA731641D54B33
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16
Frame ID: 54FAE0B608A7801069ADEDEABC951103
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21
Frame ID: 0461810A1391F072B56CD42B7B6B3255
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4101F96E69CEE89042FAE58616BE6AD2
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E42FDA0B386F103A62B78955C7A3845B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E37FC5CBD789CF1DF61456207D89E6CD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: E518C3CB7716211E2F0CE6A88B703843
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E9B0B1E8D4F785B2874B1AFC00DB4F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCC14ABD533F0AA1DDE9BD56D3D00231
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B14B9B6F0CFDF5E4042AC4D464B5E631
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: C9E22F3800310136042D6F069EA78F6E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: 446F020D0A92C9BC501C12C6769C64F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js
Frame ID: D9B15B5D8850C73C4BBAC8555D7B0310
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9521C48EFB44A51EBC64FD2B95AE1159
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 488B2FC9EA16B47FD4749265B9445C80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A Beginner's Guide To Using An Aroma Diffuser

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Flickity (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/flickity(?:\.pkgd)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

158
Requests

88 %
HTTPS

41 %
IPv6

35
Domains

39
Subdomains

25
IPs

9
Countries

2575 kB
Transfer

7917 kB
Size

43
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://biiut.com/read-blog/55557_a-beginner-039-s-guide-to-using-a-aroma-diffuser.html
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?text=A%20Beginner%27s%20Guide%20To%20Using%20An%20Aroma%20Diffuser&url=https://biiut.com/read-blog/55557_a-beginner-039-s-guide-to-using-a-aroma-diffuser.html
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://biiut.com/read-blog/55557_a-beginner-039-s-guide-to-using-a-aroma-diffuser.html
Title: Share to Linkedin

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://biiut.com/read-blog/55557_a-beginner-039-s-guide-to-using-a-aroma-diffuser.html
Title: Share to WhatsApp

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https://biiut.com/read-blog/55557_a-beginner-039-s-guide-to-using-a-aroma-diffuser.html
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.amazon.in/ReNe-Maurice-Essential-Diffuser-Ultrasonic-Humidifier/dp/B07MVCQQBL
Title: aroma diffuser

Search URL Search Domain Scan URL

URL: https://www.memoryfoampillow.net/how-to-use-rene-electric-aroma-diffuser/
Title: How To Use Rene Electric Aroma Diffuser

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://biiut.com/read-blog/style.css HTTP 302
https://biiut.com/

Request Chain 25

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC39PXNmgEQ0A8Y9AMyCNipC7SEG4zk HTTP 301
https://tpc.googlesyndication.com/simgad/3953431504011786656

Request Chain 128

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENWm0gYrSmucs4sf2bWnjcE&google_cver=1&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulCBNDARxhJtPHaitGY8fLaw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulCBNDARxhJtPHaitGY8fLaw&google_hm=9gsxPV0PQwW2eLywfX0QFx0

Request Chain 129

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmy2vslaSWL_3Q0UIVN7mQ&google_cver=1&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1JAVbxq6W_vA6VEYdbE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTc5MDQ5MA%3D%3D&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1JAVbxq6W_vA6VEYdbE

Request Chain 130

https://a.c.appier.net/gcm?google_gid=CAESEKjP6RVL6P9UL_hknNa5-QQ&google_cver=1&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoyNFR-LrKOZlS0mtC6aSq HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QVFIaWNRQmpDR21DM1J4aTRVY1JaQQ%3D%3D&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoyNFR-LrKOZlS0mtC6aSq

Request Chain 131

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOldIGUvYAM_8psxiKjmiXQ&google_cver=1&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c1HtXqpVmwRCLhuuDw_jL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c1HtXqpVmwRCLhuuDw_jL

Request Chain 132

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDeK7l6RxqsONALkDC7ufoU&google_cver=1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4ftPoi HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4ftPoi&google_gid=CAESEDeK7l6RxqsONALkDC7ufoU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI0MzEwODY3NzY3NTI3NzkzNzc1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4ftPoi

Request Chain 134

https://sync.inmobi.com/gob?google_gid=CAESENIm7LMvLSMu_xbBg_IhOGY&google_cver=1&google_push=Aa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhisxhRqrM5f8RTkyvLfbriu9FQQ8ULqJ7TRI0Q5gSaVcbO06w6G5m4Rnh8hyg HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhisxhRqrM5f8RTkyvLfbriu9FQQ8ULqJ7TRI0Q5gSaVcbO06w6G5m4Rnh8hyg

Request Chain 136

https://um.simpli.fi/gp_match?google_gid=CAESEJQTBN3dn-wNaRSVmw4z9WM&google_cver=1&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZvNU1DO-ExmuzthquM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DCD26DE5EEC402096EE9554EBE3006B&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZvNU1DO-ExmuzthquM

Request Chain 138

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHMdjqb7V97W1vkorc8I6mk&google_cver=1&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86PbVl9IVO_cBiSG4Hw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTcyNDk1Mg%3D%3D&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86PbVl9IVO_cBiSG4Hw

Request Chain 139

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKs3DPI45oUii5eTgCe7b2k&google_cver=1&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0ZABjsX_GCsq7uDMoZk0Ru-c HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKs3DPI45oUii5eTgCe7b2k&google_cver=1&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0ZABjsX_GCsq7uDMoZk0Ru-c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDcxNDY0NzYxOTUzNzQ3Mw&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0ZABjsX_GCsq7uDMoZk0Ru-c

Request Chain 140

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAtNUDWGAQNh-aWPYmeuweM&google_cver=1&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAtNUDWGAQNh-aWPYmeuweM&google_cver=1&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M&google_hm=GUAlsGZHoalFA0KaSjeJGk4t

Request Chain 141

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMVLIpGOvB-sVHpkeR9-zoM&google_cver=1&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK8CZwY6FfWew HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK8CZwY6FfWew&google_hm=OTM5ODA1MTUwMTEwNDE3NDMy

Request Chain 142

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBOitCv97HOzz7ejPM15LHU&google_cver=1&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEBOitCv97HOzz7ejPM15LHU&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg&google_hm=YW9oc1FzZUJ1MElvS3p0RkJncjI=

Request Chain 144

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_cver=1&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvLdGdCEkzxP8tVl1osx9-MaY_ybjgUM5Nys1y4Z-85AA8pqUdNki2_qZoWRXYB0rqxfEQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvLdGdCEkzxP8tVl1osx9-MaY_ybjgUM5Nys1y4Z-85AA8pqUdNki2_qZoWRXYB0rqxfEQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_hm=ZBFH4YcbbyxeuMOYzU5uUgAACJwAAAIB&google_nid=index&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvLdGdCEkzxP8tVl1osx9-MaY_ybjgUM5Nys1y4Z-85AA8pqUdNki2_qZoWRXYB0rqxfEQ

Request Chain 146

https://match.360yield.com/match/ebda?google_gid=CAESEMA9abxQlKgWSYHaupa8__A&google_cver=1&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOzBCT6--kvd3 HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMA9abxQlKgWSYHaupa8__A&google_cver=1&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOzBCT6--kvd3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=E0E1DojYSWyO3Io125cqYA&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOzBCT6--kvd3

Request Chain 148

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECW5Tsde1KM-nj9aw9TGf0M&google_cver=1&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlTaOgtChYzT_kYHf0GrtqVl2NeW41W81C5SpUnmX_e_fgH3JzfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlTaOgtChYzT_kYHf0GrtqVl2NeW41W81C5SpUnmX_e_fgH3JzfA&google_hm=QlMuYmI0MC1lMGNkLTQ3YzgtODgxOA==

Request Chain 150

https://trace.mediago.io/cs/google?google_gid=CAESEFId5UKdsKngoCf8PHxetSY&google_cver=1&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj9jjxzHMZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj9jjxzHMZA&google_hm=2eb9d881e1b6300fd429763dd2426d63

158 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 55557 Show response
biiut.com/read-blog/ 194 KB
54 KB 3662ms
2901ms Document
text/html 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 10b49c7e28a4418531647ec1e037a265ec98e067dcc3d9a3ddb6d605955312e0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 15 Mar 2023 04:21:47 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.9.55/css/ 268 KB
44 KB 69ms
18ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@5.9.55/css/materialdesignicons.min.css

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 15 Mar 2023 04:21:50 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 1800070
x-jsd-version: 5.9.55
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44082
x-served-by: cache-fra-eddf8230069-FRA, cache-hhn-etou8220043-HHN
x-jsd-version-type: version
etag: W/"42ee2-CKTXny4oZWgGaKw+ActLLIvSXKE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

/
biiut.com/
Redirect Chain

https://biiut.com/read-blog/style.css
https://biiut.com/

104 KB
25 KB

695ms
695ms

Stylesheet
text/html

104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: a2da02163db902793c4bfc3a2b40a0555176ae2971339ec4cec0bb1f107b4fa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 24729
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:50 GMT
server: Apache
content-type: text/html; charset=UTF-8
location: https://biiut.com
cache-control: no-store, no-cache, must-revalidate
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 internetconnetion.css
biiut.com/themes/Biiut13/stylesheet/ 1 KB
543 B 263ms
256ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/internetconnetion.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 923c682c2c4419614f27aca2b64d30641c0fa58cc6778f0f538219b7a7016ae6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Sun, 08 Jan 2023 19:25:38 GMT
server: Apache
etag: "512-5f1c59d921080-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 395
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 120ms
59ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4560798559938298

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6de5456b614ff897853faa2d26597bd3127fea58d1d256d7c32eee342423936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48519
x-xss-protection: 0
server: cafe
etag: 3937998449718612868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:51 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 88ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Readex+Pro:wght@300;500&family=Roboto:wght@400;500&display=swap

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c687f6b1f8bbbe02f68cc724afdbef7e7954f58fb38473b1b82d0c2e32c652a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 04:21:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:50 GMT

GET
H2 200 general-style-plugins.css
biiut.com/themes/Biiut13/stylesheet/ 377 KB
55 KB 267ms
260ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/general-style-plugins.css?version=2.6.3
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 31bf132414b94f78150182de95e509e584292fa381599d8d8b9ecbd8f4d6de6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Tue, 03 Jan 2023 07:14:41 GMT
server: Apache
etag: "5e2e1-5f156d2487a40-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 56051
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 twilio-video.min.js Show response
biiut.com/themes/Biiut13/javascript/ 627 KB
119 KB 268ms
261ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/twilio-video.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 5aefdd61b6f9d3c22f4f949d878696bffee60cc009f02c0e0e665faad3d51490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 09:50:46 GMT
server: Apache
etag: "9cd52-5e6950838a980-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 style.css
biiut.com/themes/Biiut13/stylesheet/ 385 KB
76 KB 268ms
261ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/style.css?version=2.6.3
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 00ca801cf6dd34726490fc1d0b3ab73a0bd59948beda8b60a6ab453c63c95a24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 07:15:15 GMT
server: Apache
etag: "60553-5f5d1794cc258-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 font-awesome.min.css
biiut.com/themes/Biiut13/stylesheet/font-awesome-4.7.0/css/ 30 KB
7 KB 264ms
257ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/font-awesome-4.7.0/css/font-awesome.min.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 4e3db43e0e3bb334dda61e4f492c3652816bd25f0a7c015e9bab01997b3c3e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2017 14:18:26 GMT
server: Apache
etag: "7918-5575844c43080-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7052
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
biiut.com/themes/Biiut13/javascript/ 385 KB
110 KB 668ms
661ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/jquery-3.1.1.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 0768119997d40c04b6089821d3f39588f7b1bab944317b38f775e03c30424c3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 08:14:24 GMT
server: Apache
etag: "60402-5c7250f105800-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
biiut.com/themes/Biiut13/javascript/ 1 KB
679 B 533ms
526ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/jquery.ui.touch-punch.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 80583b000cf3233a28609fa79cfc84bc659b98d097f8ae64852d1027dd612823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 09:52:04 GMT
server: Apache
etag: "515-5e6950cded900-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 601
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 bootstrap-select.min.css
biiut.com/themes/Biiut13/stylesheet/ 11 KB
2 KB 264ms
259ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/bootstrap-select.min.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 01:32:30 GMT
server: Apache
etag: "2bb0-5e848a2ca2780-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2250
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 bootstrap-select.min.js Show response
biiut.com/themes/Biiut13/javascript/ 52 KB
16 KB 664ms
659ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/bootstrap-select.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 424c9f2c32b92bcdca3656b8cc199e975ef7aef76cdd3cc8386fd435d66d5a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Sat, 10 Sep 2022 01:33:26 GMT
server: Apache
etag: "d194-5e848a620a580-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15954
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 plyr.js Show response
biiut.com/themes/Biiut13/player/ 108 KB
32 KB 666ms
660ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/player/plyr.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 8511b3608ee3391e3f6a006ea476f62ddce8cfff29115277d56bf1c555341821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 22 Jul 2022 09:05:06 GMT
server: Apache
etag: "1b124-5e46121591480-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 32615
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 wavesurfer.min.js Show response
biiut.com/themes/Biiut13/player/ 67 KB
15 KB 536ms
531ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/player/wavesurfer.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 4dd7ca26366191c4c87d0da61ec047712e0631ec11e521d7a184a048499d27eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 08:20:22 GMT
server: Apache
etag: "10c32-5c7252466fd80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 15252
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 wavesurfer.cursor.min.js Show response
biiut.com/themes/Biiut13/player/ 5 KB
2 KB 534ms
529ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/player/wavesurfer.cursor.min.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 920cd13901db3df43b834b71583becded744b238626e6a84715177b2ab6f9f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 08:22:06 GMT
server: Apache
etag: "12cd-5c7252a99e780-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1730
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 html2pdf.bundle.js Show response
biiut.com/themes/Biiut13/javascript/ 687 KB
172 KB 665ms
660ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/html2pdf.bundle.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: f81601bcbb0d05f59578d7a7cb0b283d8ede32c0da454b7f9f9c66d865220315

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 09:55:12 GMT
server: Apache
etag: "aba9c-5e69518138000-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 qrcode.js Show response
biiut.com/themes/Biiut13/javascript/ 33 KB
10 KB 539ms
534ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/qrcode.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: c3180e12eb685444ab411102850ff11a8dbf30e573348e0ad8a82cefb49132f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Tue, 12 Oct 2021 12:52:30 GMT
server: Apache
etag: "83f6-5ce275180df80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9825
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 81ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-250156518-1

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

565c02dd7081dc18a9c22f7878fdf85cd6e9f9dee378f78c992a29e98aaf14f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44667
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 Mar 2023 04:21:51 GMT

GET
H2 200 sdk.js Show response
biiut.com/themes/Biiut13/javascript/ 3 KB
2 KB 538ms
533ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/sdk.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: f340702ac88c0389c054af1fb8af14bd12bfeb2ad600add390409aff7e83b097

Request headers

Referer: https://biiut.com/read-blog/55557
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 09:57:56 GMT
server: Apache
etag: "c2e-5e69521d9f100-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1673
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 socket.io.js Show response
biiut.com/themes/Biiut13/javascript/ 67 KB
20 KB 536ms
532ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/socket.io.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: fb7bd3f8e05835e2b81aacb7207cedd7e908f52f46fbae03e72c1908da987b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 08:13:12 GMT
server: Apache
etag: "10c28-5c7250ac5b600-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20021
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 jquery.adaptive-backgrounds.js Show response
biiut.com/themes/Biiut13/javascript/ 4 KB
2 KB 533ms
529ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/jquery.adaptive-backgrounds.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 1b68bc7f2116741a1416a43a9e253d79afbcb25b603ab544c7fdf79c5959b468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 10:02:54 GMT
server: Apache
etag: "1093-5a7cc10686f80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1542
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 bootstrap-tagsinput.js Show response
biiut.com/themes/Biiut13/javascript/bootstrap-tagsinput-latest/src/ 21 KB
5 KB 538ms
535ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/bootstrap-tagsinput-latest/src/bootstrap-tagsinput.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 6838daba9201ad885ef13c42f4570ff1caea4d4fd602f491493cbbcd038aea7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2015 16:26:42 GMT
server: Apache
etag: "5270-523913e0fb480-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 5480
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 linkedin.css
biiut.com/themes/Biiut13/stylesheet/website_mode/ 3 KB
1 KB 261ms
258ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/website_mode/linkedin.css?version=4.1.5
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 7318cacab2a05d8689ce8696b1a5b7950cb734234ac68ed94f086f92c44159fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Sat, 12 Feb 2022 05:02:30 GMT
server: Apache
etag: "d45-5d7cb17222580-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1104
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 linkedin.js Show response
biiut.com/themes/Biiut13/javascript/website_mode/ 0
69 B 531ms
528ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/website_mode/linkedin.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
last-modified: Mon, 29 Nov 2021 12:12:42 GMT
server: Apache
etag: "0-5d1ec5b8ce280"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 0
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2

200

flickity.pkgd.min.js Show response
unpkg.com/flickity@2.3.0/dist/
Redirect Chain

https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

56 KB
15 KB

29ms
29ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1601127
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FWP622BYRXFVCXYZMWPZHQXH-fra
server: cloudflare
etag: W/"e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7a81f8cecea19975-FRA

Redirect headers

date: Wed, 15 Mar 2023 04:21:50 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GVHQTRJ6WV0A8GW63194P7Q4-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 220
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /flickity@2.3.0/dist/flickity.pkgd.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7a81f8ce9e759975-FRA

GET
H2 200 green-audio-player.css
biiut.com/themes/Biiut13/javascript/green-audio-player/ 5 KB
1 KB 262ms
259ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/green-audio-player/green-audio-player.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 50fa6eada22f53cb20d2461bbd4a4ef64b69f7a0af4d3e1c308183abdd30381f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 11 Feb 2022 06:12:48 GMT
server: Apache
etag: "1487-5d7b7f4b45800-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1265
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 green-audio-player.js Show response
biiut.com/themes/Biiut13/javascript/green-audio-player/ 27 KB
6 KB 533ms
530ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/green-audio-player/green-audio-player.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: a8809d962a56732e4db4cdea94557fc29c8179b7bed5d5ad70e90bfde650115e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Tue, 24 Mar 2020 17:59:36 GMT
server: Apache
etag: "6b20-5a19d83c1b200-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6417
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 flatpickr.min.css
biiut.com/themes/Biiut13/stylesheet/ 16 KB
3 KB 263ms
260ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/flatpickr.min.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: a67742a9db92c3f1fba7aad828ca1c55f0a7d35084fc8d2befd315a556d2b83d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 10:16:06 GMT
server: Apache
etag: "3f32-5e69562d20580-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3040
expires: Fri, 14 Apr 2023 04:21:50 GMT

GET
H2 200 flatpickr.js Show response
biiut.com/themes/Biiut13/javascript/ 49 KB
14 KB 663ms
661ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/flatpickr.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: bd04bb4978d38fce197da3095bff68da165f6de18d2fc56ac5f1d7fb61c8e947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:50 GMT
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 10:18:54 GMT
server: Apache
etag: "c5f8-5e6956cd57f80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14511
expires: Thu, 14 Mar 2024 04:21:50 GMT

GET
H2 200 3icon.png
biiut.com/themes/Biiut13/img/ 35 KB
35 KB 136ms
135ms Image
image/png 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biiut.com/themes/Biiut13/img/3icon.png
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: d3ab836bf8e4f7279e3d2acf59feaebdbd4965b063bcbcc225261ecb069f5e3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
last-modified: Sun, 13 Nov 2022 08:57:23 GMT
server: Apache
etag: "8c19-5ed564fa902c0"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 35865
expires: Thu, 14 Mar 2024 04:21:51 GMT

GET
H2 200 logo.png
biiut.com/themes/Biiut13/img/ 97 KB
98 KB 138ms
135ms Image
image/png 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://biiut.com/themes/Biiut13/img/logo.png
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 85e0166b7fcbfe659e1f32aa02265d0af2480bbd99d2d0a91cfcc53da14a4ed7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
last-modified: Fri, 14 Jan 2022 17:12:36 GMT
server: Apache
etag: "18592-5d58de8c6c900"
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 99730
expires: Thu, 14 Mar 2024 04:21:51 GMT

GET
H2 200 main.css
biiut.com/themes/Biiut13/stylesheet/ 367 KB
60 KB 151ms
151ms Stylesheet
text/css 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/stylesheet/main.css
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 4663200896ebda7217cd9ad5779273cb030138739612b065f0de950dece7e0ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: gzip
last-modified: Sat, 24 Dec 2022 11:02:30 GMT
server: Apache
etag: "5bc2a-5f090d69b1d80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 61142
expires: Fri, 14 Apr 2023 04:21:51 GMT

GET
H/1.1 200
OK ZJq9QN28TGaDFoX8wU9l_17_296a5d09aae56000283eaaeb61442942_avatar.jpg
s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2022/11/ 4 KB
4 KB 558ms
208ms Image
image/jpeg 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2022/11/ZJq9QN28TGaDFoX8wU9l_17_296a5d09aae56000283eaaeb61442942_avatar.jpg?cache=0
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 6f28d38df567d7099218f91c1842f6943260abbc19339f0cdb8439c7e261e56d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 12:47:11 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 2398C356AE27CA3B
ETag: "193705a05527be3059f19cae0b223422"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 4142
x-amz-id-2: xfHROpp2DR71ryvHSkIROP9f97NYTHbbNC3FMCtCOfoq/Zy4L3hUPx3TEzXK93MmWZlFYDadpAUq

GET
H/1.1 200
OK w16Jokk67jymDBjUETiE_14_967f89642c698a9e58ebe80b96c165b2_image.jpg
s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/03/ 26 KB
26 KB 712ms
190ms Image
image/jpeg 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/03/w16Jokk67jymDBjUETiE_14_967f89642c698a9e58ebe80b96c165b2_image.jpg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: a2e1738435fa9cc3bee3dddac73a988a7c4b12a2cbd909bc00e82c0ce936ca8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Tue, 14 Mar 2023 08:48:01 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 21163C68B6E7DAFE
ETag: "5ba6f41c9d41da84322c9227a553f9d8"
Content-Type: image/jpeg
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 26224
x-amz-id-2: fhMMh6MC0wfgFwTiSQFABUs3HYJ7ibbCbpSaxfhsRD2rsF4eiqMF65EvSopw2gKHwSJkQqP1/6pj

GET
H/1.1 200
OK o8LwtiHJZ3lG1Sm2qjKe_27_28e4a134962b00fa0cac3f4ebb97320d_image.png
s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/01/ 27 KB
27 KB 761ms
236ms Image
image/png 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/01/o8LwtiHJZ3lG1Sm2qjKe_27_28e4a134962b00fa0cac3f4ebb97320d_image.png
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 2c8ab1c671ff89447449455910c278c1fbd8e1db477f0c32aa87d0424cf64261

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 27 Jan 2023 11:55:56 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: FE28FD34CE712523
ETag: "00022a17acb50630a9975894881e5d0f"
Content-Type: image/png
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 27208
x-amz-id-2: OwgNCPBrIkokr85VOAtdFQ4kaFPCPW0SyJ9ZaN2rQfOhSDk8vvO0hUNorDdTyVpidP3NJA3trFoj

GET
H/1.1 200
OK JZuR7vVbElzsPDSctpgM_13_00d6b9499f181dd55682f87e80e952fa_image.jpeg
s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2022/12/ 61 KB
61 KB 780ms
248ms Image
image/jpeg 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2022/12/JZuR7vVbElzsPDSctpgM_13_00d6b9499f181dd55682f87e80e952fa_image.jpeg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 3d48b8cafe750ee41f121acd16acf90de8f07e04b5a7f8a46c3073eec24c6026

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Tue, 13 Dec 2022 13:03:54 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 029216383F5FB9E8
ETag: "7e07b52d0cd2dcb3c4cc4740a908e37f"
Content-Type: image/jpeg
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 62206
x-amz-id-2: 0NZk4sgn+Ze6weRNak4ByemotwUVuVT2ExsoGBMI8qOFXKqK0hfDgLhlJZK2vl274ZDzlAko8Nht

GET
H/1.1 200
OK AXDDSTSKKndyOWJDK9pE_11_5817855521bd5d0d2957f303f71cdb68_image.jpg
s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/03/ 81 KB
81 KB 755ms
215ms Image
image/jpeg 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/photos/2023/03/AXDDSTSKKndyOWJDK9pE_11_5817855521bd5d0d2957f303f71cdb68_image.jpg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: dad48b8d492e76b2626678c443126dba1dec938a228611f7571abb3f86211a91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Sat, 11 Mar 2023 07:39:36 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 5D27EC8D61E179B9
ETag: "2fe4970d7fc38e968c4a7231286aacb1"
Content-Type: image/jpeg
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 82820
x-amz-id-2: qdPLzRqHTioH+KGE7HS33TC7XpMR3tVEjcR4Ofy7LQ+WRRN7ZCmmHSHpuEc+yTo0NY9mIp09WBCf

GET
H/1.1 200
OK EAufYfaIkYQEsYzwvZha_01_4bafb7db09656e1ecb54d195b26be5c3_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 2 KB
2 KB 718ms
170ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/EAufYfaIkYQEsYzwvZha_01_4bafb7db09656e1ecb54d195b26be5c3_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: cf835cf4068f4e57f593aa6d20c629f4c3b02518078beef1e438bc2e6c334597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:45 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: A50BF58474E411BD
ETag: "190985c69bd7df04f8fcaa53f72912c2"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 1948
x-amz-id-2: WLS/J764Ccxsk+wgGmP7unUF2uxdfliDZQTi5pGLyuQUnMeYGaVs3JRrxZTf79c6fRWUvEAR3Knh

GET
H/1.1 200
OK 2MRRkhb7rDhUNuClfOfc_01_76c3c700064cfaef049d0bb983655cd4_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 758 B
1 KB 441ms
191ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/2MRRkhb7rDhUNuClfOfc_01_76c3c700064cfaef049d0bb983655cd4_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 4fd8a92c0fb92cb92284688822f06b16ce0ed6077d5c7bce687e9962d0fa9cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:46 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 5AF6375B008AA787
ETag: "ef5558affd802c9bec578534807bce20"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 758
x-amz-id-2: WP6zY5eKn+MFL3U1TtQF3IRGtBbzvf5RzahTVkCFNoNqPoA4AST8ZoQsZh7bk/NYvZrkJlg5PK7k

GET
H/1.1 200
OK D91CP5YFfv74GVAbYtT7_01_288940ae12acf0198d590acbf11efae0_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 2 KB
2 KB 433ms
182ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/D91CP5YFfv74GVAbYtT7_01_288940ae12acf0198d590acbf11efae0_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 99fd5b173efa7b03e791fb79ba276034235a94e3035b6d5ff9c2e63b329cffc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:46 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 355185D1D92C7117
ETag: "3f592d741f1636b1247d1a0b17c7f267"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 1911
x-amz-id-2: AqM9IjQDECydeOjXcVqBMSFHMjlNBnMEU0JGQK7+vuZr2InDF//Ck+ViVLa555CcunxfzkJlTeRN

GET
H/1.1 200
OK cFNOXZB1XeWRSdXXEdlx_01_7d9c4adcbe750bfc8e864c69cbed3daf_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 3 KB
3 KB 422ms
171ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/cFNOXZB1XeWRSdXXEdlx_01_7d9c4adcbe750bfc8e864c69cbed3daf_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 73ec8932259cd10834767c2ecf41c8f7924516bd6037526f5e2112525f63df1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:46 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 300AACA49A37C606
ETag: "c20768d01a712baaf994b17790f35142"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 3039
x-amz-id-2: UOGyIAHsuhN6agLCAJ/+02SN7UtmRE2ZYB/X96m5Gexxonf6cDYPAcg7E8v9gtUWa76nZlcoQlt8

GET
H/1.1 200
OK yKmDaNA7DpA7RkCRdoM6_01_eb391ca40102606b78fef1eb70ce3c0f_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 3 KB
4 KB 448ms
198ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/yKmDaNA7DpA7RkCRdoM6_01_eb391ca40102606b78fef1eb70ce3c0f_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 3b11e1b6e7e59141771ad3268367beb8a65a8e4c9268cd61d49ed8271c1057ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:47 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 11761D84A63E5717
ETag: "79367eb8bb868e980eedf51edb35d189"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 3502
x-amz-id-2: TM5DKQpZEKgJt/S5iPWkaU+P8yyJPXQUF1GFAfSIAbuEW+UOOsmTNlB1J4MtPtiuAbKwGJll9OQi

GET
H/1.1 200
OK iZcVfFlay3gkABhEhtVC_01_771d67d0b8ae8720f7775be3a0cfb51a_file.svg
s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/ 3 KB
3 KB 425ms
174ms Image
image/svg+xml 38.146.40.19
BLUEARCHIVE-ZONE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.us-west-1.wasabisys.com/bbbackup/upload/files/2022/09/iZcVfFlay3gkABhEhtVC_01_771d67d0b8ae8720f7775be3a0cfb51a_file.svg
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.146.40.19 Malden, United States, ASN395717 (BLUEARCHIVE-ZONE-1, US),
Reverse DNS
Software: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08) /
Resource Hash: 0f8d789c8c63f74ba250813636eb86bdf629aeb708bcba761c58effadfd9422e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Wed, 15 Mar 2023 04:21:52 GMT
Last-Modified: Fri, 09 Dec 2022 02:03:47 GMT
Server: WasabiS3/7.12.1004-2023-02-17-7ff2f5bdd9 (head08)
x-amz-request-id: 0F92DAF1A2BF9CC4
ETag: "bbce4937cf78e4e6f46c4ebf698c5d2e"
Content-Type: image/svg+xml
Cache-Control: max-age=3153600
Accept-Ranges: bytes
Content-Length: 2946
x-amz-id-2: ReddZf1Uc9NAW3U8s9uKA0R/XjFfeKrckP6d+p4osMYPbep1PUSN7rJ+M8qxvXL4hOQlDnB2VyXi

GET
H2 200 welcome.js Show response
biiut.com/themes/Biiut13/javascript/ 516 B
409 B 165ms
165ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/welcome.js
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: f5f49770d9b13beb49ce66866cd25b9fc5a19b3c28297c3785d0e606a84f7fcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 04:20:10 GMT
server: Apache
etag: "204-5ad1f33e83280-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 307
expires: Thu, 14 Mar 2024 04:21:51 GMT

GET
H2 200 script.js Show response
biiut.com/themes/Biiut13/javascript/ 366 KB
89 KB 172ms
172ms Script
application/javascript 104.237.2.51
NODISTO

General

Check archive.org

Show headers Download Go to

Full URL: https://biiut.com/themes/Biiut13/javascript/script.js?version=2.6.3
Requested by: Host: biiut.com
URL: https://biiut.com/read-blog/55557
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.237.2.51 Dallas, United States, ASN394727 (NODISTO, US),
Reverse DNS: shoppingvalue.net
Software: Apache /
Resource Hash: 7b3cabe5228f518d38cf72ca37179f6014f2adb01cc9fa183d87025d0b5ac448

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/read-blog/55557
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: gzip
last-modified: Thu, 03 Nov 2022 21:45:58 GMT
server: Apache
etag: "5b908-5ec97e1ea5180-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Mar 2024 04:21:51 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 68ms
22ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=fd1b6a7001ae20598c52eded27f38d79

Requested by

Host: biiut.com
URL: https://biiut.com/themes/Biiut13/javascript/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e071b6074f72141eb7ebd787d1ee51be7b38290505ae277136b1cb4af64c2de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://biiut.com/
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Mar 2023 04:21:51 GMT
content-md5: 74bZd1LkgBjj5hlpc6LHCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88566
x-fb-rlafr: 0
x-fb-debug: yup7G+RfMASFvhQqZZ04z3N3NjjmlVpPp+EjsKdV4nCXBFZEqk6MNKoLV9g0U/dD9JDM5EZ8+71jCorOd93L0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
x-fb-content-md5: 9a21b4d5315cf43b0a16f429d73fe91e
cross-origin-opener-policy: same-origin-allow-popups
etag: "0780741b34d593f00517211c8d00c943"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:44:30 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 365 KB
121 KB 126ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4560798559938298&plah=biiut.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4560798559938298

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfc682d82aaaddd4fced81f7d2985d978c54cfc46a69ea93eaf92712656e14b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123400
x-xss-protection: 0
server: cafe
etag: 10922592917009268576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:51 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/ Frame FCE3 10 KB
5 KB 70ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230313/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4560798559938298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 21:17:34 GMT
etag: 2378337311435320485
expires: Tue, 28 Mar 2023 21:17:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 135 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 64ms
19ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Readex+Pro:wght@300;500&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:21:08 GMT
x-content-type-options: nosniff
age: 514843
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 05:21:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 69ms
23ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Readex+Pro:wght@300;500&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 371674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:07:17 GMT

GET
H2 200 SLXYc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2IwwZEw.woff2
fonts.gstatic.com/s/readexpro/v15/ 27 KB
27 KB 83ms
38ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/readexpro/v15/SLXYc1bJ7HE5YDoGPuzj_dh8uc7wUy8ZQQyX2IwwZEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Readex+Pro:wght@300;500&family=Roboto:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b359ab4541ab7c6405078002a55d78a760a1f7b3c985f4f8917b5e25920d81ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://biiut.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 13:48:50 GMT
x-content-type-options: nosniff
age: 52381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27428
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 21:49:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Mar 2024 13:48:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
18ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-250156518-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 Mar 2023 04:14:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 427
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 15 Mar 2023 06:14:45 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
593 B 77ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=biiut.com&callback=_gfp_s_&client=ca-pub-4560798559938298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4560798559938298&plah=biiut.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d081e2384403050591bb5f121de99aa83f496e9520fdbcbe042541730cf510f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 242
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 96ms
27ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
30ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed-sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=fixed-sidebar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 822D 165 KB
46 KB 310ms
309ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&adk=1812271804&adf=3025194257&lmt=1678854112&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854111902&bpp=7&bdt=1470&idt=188&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=760388147631&frm=20&pv=2&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=219

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e06f1f1d7ff87c81c723c7c47b132be3592d0540e666fa5bef1eee543dad340

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 47059
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
expires: Wed, 15 Mar 2023 04:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
201 B 26ms
25ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=963577728&t=pageview&_s=1&dl=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&ul=en-us&de=UTF-8&dt=A%20Beginner%27s%20Guide%20To%20Using%20An%20Aroma%20Diffuser&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1909950554&gjid=1772473409&cid=2071856039.1678854112&tid=UA-250156518-1&_gid=925055233.1678854112&_r=1&gtm=457e33d0&z=2010469221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://biiut.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://biiut.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/ 149 KB
51 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd13946495aa1bf835050c02d49cbed5a155e8c2ef4077ea533c044341f908d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52039
x-xss-protection: 0
server: cafe
etag: 11742266969087735342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 31ms
29ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 31ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A5C1 217 KB
108 KB 429ms
428ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

998b778581b6ca86c5d33af22feb263064a7be2afa604663b4a88e1266c696e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110530
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
expires: Wed, 15 Mar 2023 04:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 54FA 101 KB
35 KB 358ms
357ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b8079af098eea5a95928b7bd5c6182e155eabb422cf72895e727172e0868d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35813
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
expires: Wed, 15 Mar 2023 04:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0461 88 KB
33 KB 343ms
343ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6cf65655be8f139f3f94f1f2c468d00588cd271f6a9541e73c62e58ebfe764c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33325
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
expires: Wed, 15 Mar 2023 04:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
31ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=biiut.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/ Frame 4101 10 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 49236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 14:41:16 GMT
etag: 2378337311435320485
expires: Tue, 28 Mar 2023 14:41:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4101 4 KB
732 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 03:59:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4101 205 B
650 B 67ms
19ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:15:16 GMT
x-content-type-options: nosniff
age: 14796
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Mar 2024 00:15:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4101 604 B
695 B 68ms
20ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 00:05:50 GMT
x-content-type-options: nosniff
age: 15362
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Mar 2024 00:05:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/ Frame 4101 20 KB
9 KB 91ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 16448057571289220057
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 18:26:10 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E42F 8 KB
895 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 03:13:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame E42F 2 KB
846 B 63ms
41ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame E42F 22 KB
9 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:30:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame E42F 3 KB
1 KB 61ms
40ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 23:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 23:54:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame E42F 20 KB
8 KB 47ms
27ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 9550401019908337125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:26:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E42F 158 KB
49 KB 103ms
36ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49526
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678735041478572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame E42F 34 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E37F 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 03:22:07 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E37F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
28ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230313/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
expires: Wed, 15 Mar 2023 04:21:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame E518 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 21:43:48 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0461 6 KB
672 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 04:02:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 0461 2 KB
799 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0461 0
0 66ms
65ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CddfQ4EcRZIL9IcOp7gPNvoDQCLD_1pNv_ZaC3YQRv7ScuJUOEAEgpcXBcmCV6pOCoAegAe31wK0pyAEJqQLzxagcDgOyPqgDAcgDywSqBOEBT9DYEz-U6iPgG22aM3hmEe3wVW1sFW9tuY-Y7oC8xzjUrgCrRiYrXpI0igYK-4yZNlmS5Ewsr405VNK7c7OUacAuh2wx5bJXNHXW2sojaH3aRoZA3UJTiarsgEEl05tni0_iVGAsxYZqQWPCbOtm9gxRXkjsemEQV0eaUdddSqcMfRpxRi1gtQsL1mva8qjYOO4EDXriIbyM_RxQjLPPJXD1L7XSMNPBswQBsbdlPlzuhBca92LCRYkpgA80KnYkMEx2u2pa0BVEx53CKIBdKkcQKxa2E5AsTJpvcMjRAdiswASpvq2mpgSSBQQIBBgBkgUECAUYBKAGLoAH7a2RjQSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCcjQbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEwrQFQGAFwGyFxwKGggAEhRwdWItNDU2MDc5ODU1OTkzODI5OBgA&sigh=RXYDChapq6M&uach_m=[UACH]&cid=CAQSOwDUE5ymEGh1x20JPiUzbWRyATS9L10_qloNC14JaFO4BydS0n3QuGG0M0pmKV0rmWQUhnRrVU7JsURHGAE&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Mar 2023 04:21:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6241338530244017498/ Frame 0461 24 KB
25 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6241338530244017498/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0bff839d71c8655ca1f74c8ebfb251be9ee95a148096ebf0af69f0324247548

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:26:56 GMT
x-content-type-options: nosniff
age: 284096
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25020
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 22:03:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Mar 2024 21:26:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 54FA 8 KB
895 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 04:04:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 54FA 2 KB
799 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 54FA 0
0 68ms
67ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVFW24EcRZPrHIZaG-gbk26uID87pjLFmn5vh2ucOpJL4_skqEAEgpcXBcmCVypOCoAegAduz8rgDyAEJqQLzxagcDgOyPqgDAcgDywSqBNMBT9BqEbCAayF93qmOjm8h09bbkvoCSW-Oo2ZnuVhfigm6BEiRIKeNAqEZdvjRyfxQviFfXXg4eBolrzY5UgyLHgjp6m5sNJZxtCQbphogJpA_IvUbdC_j5gXO0YcAqJc9_XOGwFYp-B4NSPQ2U29j2gcJljbWl3bfV6WHF8cVUbhmlT-tBVvvzGLKoMaeSu8GIvU10U8xLfMr3gT_3lalOhpPSSeyYNZgYME5lY4JotOA81Nbpgc9HMH_zKvjQwDoGRfLp4Xjp2skQBkn-z-iPKA5UcAE2Mbos_YDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB43MjUeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDurgPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUBNAVAYAXAbIXHAoaCAASFHB1Yi00NTYwNzk4NTU5OTM4Mjk4GAA&sigh=-SuX5ZrQgfc&uach_m=[UACH]&cid=CAQSOwDUE5ymsrwZXOFqK6hP5MZglI4BCMQKtSO82ll57YZbVAykXuaPpcOIb2M9PLpvOao5hNcxIiyeFdrwGAE&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Mar 2023 04:21:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame 54FA 22 KB
9 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:30:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 54FA 3 KB
1 KB 35ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 23:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 23:54:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 54FA 20 KB
8 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 9550401019908337125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:26:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54FA 0
0 32ms
27ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS18HADMoGFzGzl-0kpBKCde-rpUKrKkSepHpfh9AJmgT1KaqarF4lU0bDa75ezb9sj9nHPR-h_0mSB-ZPs-Xt3E8EHPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54FA 158 KB
48 KB 191ms
186ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49526
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678735041478572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:53 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 54FA 34 KB
14 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame 0461 22 KB
9 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:30:02 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 0461 2 KB
799 B 34ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 0461 3 KB
1 KB 35ms
31ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 23:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 23:54:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame 0461 20 KB
8 KB 29ms
26ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 9550401019908337125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:26:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0461 0
0 31ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_lXhHAAQ7JR1kehuIrpUYwg4enC33qTR3uYLNSqDiDSSQevCDLJCK2mfNun-rlKMhA_zGrvik6T1t9EJlOy5JnU_2hw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0461 158 KB
48 KB 207ms
205ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49526
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678735041478572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:53 GMT

GET
H2 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame 0461 34 KB
14 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12168059400837412844/ Frame 54FA 24 KB
24 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12168059400837412844/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2600ce52f64d2bb7f1b315eea37ec66e1350c2d81787216d6166dad19a1ed9c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 09:07:07 GMT
x-content-type-options: nosniff
age: 69285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24675
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:40:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 13 Mar 2024 09:07:07 GMT

GET
DATA 200
OK truncated
/ Frame 54FA 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 54FA 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame A5C1 2 KB
535 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 15 Mar 2023 04:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 15 Mar 2023 04:06:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Mar 2023 04:21:52 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame A5C1 2 KB
765 B 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49416
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:38:16 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/ Frame A5C1 22 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49910
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9097
x-xss-protection: 0
server: cafe
etag: 6133207136504656605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:30:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame A5C1 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 23:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16042
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 23:54:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/ Frame A5C1 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230313/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 14:26:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50126
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 9550401019908337125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Mar 2023 14:26:26 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A5C1 0
0 29ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPLTJvy31zgrXVAGwG4BRGAfpjcNbBc9l0pVxGEbueFp4ewHU_8NVkdG6ayqibuhxcV4Bbax6gCvXpTYXLe8Qaea9n1Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5C1 158 KB
48 KB 113ms
113ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49526
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678735041478572"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 04:21:53 GMT

GET
H3 200 cbfababd91166e5076a7e33bfb78f317.js Show response
www.gstatic.com/mysidia/ Frame A5C1 34 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cbfababd91166e5076a7e33bfb78f317.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 17:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39123
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14337
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 21:07:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 12 Jun 2023 17:29:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5C1 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CztbJ4EcRZJGvIfDAx_APqJ6P6ALLxYbKbofw-NWEDJSh8OTEGxABIKXFwXJglcqTgqAHoAHy5eORA8gBCakC88WoHA4Dsj6oAwHIA8sEqgTbAU_Q6kG6XTWHXXZJAWVoSXSoVd16K4LyqMyQ0Kk9a3kWlODcRRpB-qPihXqq-1jvybbURI5Z2_RA4toc_RSsw34-g-Xc6qmWvbD3dSOz_AQyFV1ivXxdqEA4h9KBPK0YCCEA4KGPKfQ50c70-zE1jWh0rixfz1FnRGlJFjrT26NYY0pvxUtnwlLWhPYAEYA_eP1YBmRCrFjPfovBJ7WtTa0OsY6UoW6xq9kdLZqsRm3z-EY0D5ZTFUH-erqoqYsAWMy2EDiwQzQP8WfaMQj4eQ9GzN3UgtI87qhcusAE69SZypMDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_-P9m-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQqNMD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNDU2MDc5ODU1OTkzODI5OBgA&sigh=u1KLprcZ-M0&uach_m=[UACH]&cid=CAQSOwDUE5ymQ8xs3cpMjVWF80nLVsSqE_zrv2eb-x8jeYrlc75ahw_Nhzm3QpPDkQQaUgMZuY5TMaE6-g6WGAE&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 15 Mar 2023 04:21:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A5C1 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09fb46e64a5e074b658f667942ab9d3676aefedbe1ffb88e993b64cd9f707d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame A5C1 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a71a7814b44a9f578d65a39f25dbb2419186d856953fee32a85acfbbe84b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame A5C1 21 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 525d7ed3269b8be512258e4ab4be8c38098e1940618d6d8bffb64d6b00c36ec3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame A5C1 22 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2a4f3d1e938126cc98985cbc1234775884b4ed8883f0aff6244899aef34f275

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame A5C1 7 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10cea3a1d21d152f55cf2cbfd66108118f3dcfc3ad72895105169eef42e4ddec

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3

200

3953431504011786656
tpc.googlesyndication.com/simgad/ Frame A5C1
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC39PXNmgEQ0A8Y9AMyCNipC7SEG4zk
https://tpc.googlesyndication.com/simgad/3953431504011786656

17 KB
17 KB

21ms
20ms

Image
image/png

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3953431504011786656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47bfd80aa185f0903315ae94aeb3e6d20b8c183b3d07ff9986983f4faa440a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 08:17:21 GMT
x-content-type-options: nosniff
age: 417872
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17114
x-xss-protection: 0
last-modified: Tue, 18 Aug 2020 06:51:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Mar 2024 08:17:21 GMT

Redirect headers

date: Tue, 14 Mar 2023 06:44:56 GMT
x-content-type-options: nosniff
server: cafe
age: 77816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/3953431504011786656
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 13 Apr 2023 06:44:56 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7E9B 1 KB
643 B 20ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Wed, 15 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BCC1 1 KB
643 B 20ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Wed, 15 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 54FA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ebaed6a095c5c59e7380f5623e5bfb030c69322de705d8b06aaf7c59aeeb798

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0461 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 708ba23153a7718ed0d77915d1f95a5c4de9829d4b22aa8e1a63283328f7ae9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B14B 1 KB
643 B 22ms
19ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57512
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 12:23:21 GMT
etag: 48472445140208031
expires: Wed, 15 Mar 2023 12:23:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A5C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35730d034c52f9003a7418b37c095ef7cc21dfdf02bf809a7380705d0d0b54e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E9B
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENWm0gYrSmucs4sf2bWnjcE&google_cver=1&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulC...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulCBNDARxhJtPHaitGY8fLaw&google_hm=9gsxPV0PQwW2eLyw...

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulCBNDARxhJtPHaitGY8fLaw&google_hm=9gsxPV0PQwW2eLywfX0QFx0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:52 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx9NIsxCXZycFns0yYku8oi9NdO1vfp8aa-4KL2SGXfIbTb4DVHy6dcoQR_xTJIQ9bV3DS5dPlvsulCBNDARxhJtPHaitGY8fLaw&google_hm=9gsxPV0PQwW2eLywfX0QFx0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E9B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFmy2vslaSWL_3Q0UIVN7mQ&google_cver=1&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1J...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTc5MDQ5MA%3D%3D&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1JAVbx...

170 B
329 B

30ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTc5MDQ5MA%3D%3D&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1JAVbxq6W_vA6VEYdbE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTc5MDQ5MA%3D%3D&google_push=Aa02lx8lYZ08njrElxeoh8lXGHmdIbbj-kqpqSLbW1RHe3rWtC2XXQSsv7eTvRHE4TlSYnEB1TkiVQ8jehex1JAVbxq6W_vA6VEYdbE
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7E9B
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESEKjP6RVL6P9UL_hknNa5-QQ&google_cver=1&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoyNFR-LrKOZlS0mtC6aSq
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QVFIaWNRQmpDR21DM1J4aTRVY1JaQQ%3D%3D&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoy...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QVFIaWNRQmpDR21DM1J4aTRVY1JaQQ%3D%3D&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoyNFR-LrKOZlS0mtC6aSq

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=QVFIaWNRQmpDR21DM1J4aTRVY1JaQQ%3D%3D&google_push=Aa02lx81Qb2zoEc3Il9oQQHr2pjr2QE7wRZ85HZLSs9xIwpCmjNSm-BKgJ32tduTI5CYsIwEMLxtgLaks9uoyNFR-LrKOZlS0mtC6aSq
date: Wed, 15 Mar 2023 04:21:53 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: nginx
content-length: 247
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E9B
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOldIGUvYAM_8psxiKjmiXQ&google_cver=1&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c1HtXqpVmwRCLhuuDw_jL

170 B
232 B

32ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c1HtXqpVmwRCLhuuDw_jL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-5qCPAUCMyPY2lGDJiKPWI3jPwdE2S1cdvUQNsKhCisWDuHdKfjxV1I4xxy-QNMuH-_DDMKhM5WC7c1HtXqpVmwRCLhuuDw_jL
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7E9B
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDeK7l6RxqsONALkDC7ufoU&google_cver=1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI0MzEwODY3NzY3NTI3NzkzNzc1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9...

170 B
232 B

29ms
29ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI0MzEwODY3NzY3NTI3NzkzNzc1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4ftPoi

Requested by

Host: biiut.com
URL: https://biiut.com/read-blog/55557

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjI0MzEwODY3NzY3NTI3NzkzNzc1&google_push=Aa02lx8ng1S2gaGn1Yd0H0RvoN68wpb5Z8Fa6lA877sbcXd2p8D2pWgc4xHoXDl9oXXezWj8BRE7sGHIeFKFdhsr2Kd_mmGVZI4ftPoi
date: Wed, 15 Mar 2023 04:21:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame 7E9B 0
35 B 105ms
19ms Image
text/plain 3.67.240.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEKKT9TGxMt43vxsPodBncp8&google_cver=1&google_push=Aa02lx8f2c28gPQZvoef0uHAA1TSQ2zDwoDJR-QIeI9Cy4K8SRKI48s3wl1nlTGe3oZBhGO5C95QNs6950-ah2HN_7XSOi1h5loPh6lu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.240.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-240-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT

GET
H/1.1

200

0.gif
id5-sync.com/i/495/ Frame 7E9B
Redirect Chain

https://sync.inmobi.com/gob?google_gid=CAESENIm7LMvLSMu_xbBg_IhOGY&google_cver=1&google_push=Aa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhisxhRqrM5f8RTkyvLfbriu9FQQ8ULqJ7TRI0Q5gSaVcbO06w6G5m4Rnh8hyg
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhis...

43 B
1 KB

78ms
21ms

Image
image/gif

162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhisxhRqrM5f8RTkyvLfbriu9FQQ8ULqJ7TRI0Q5gSaVcbO06w6G5m4Rnh8hyg

Protocol

HTTP/1.1

Server

162.19.138.118 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Wed, 15 Mar 2023 04:21:52 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

Redirect headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
expect-ct: max-age=0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAa02lx9TNNNDTs-i-axr7viBeWkoEw2JLMJI_E6SC-QPPhisxhRqrM5f8RTkyvLfbriu9FQQ8ULqJ7TRI0Q5gSaVcbO06w6G5m4Rnh8hyg
x-download-options: noopen
vary: Accept
content-length: 277
x-xss-protection: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7E9B 0
139 B 95ms
27ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jm4teqD6shLEx1UsZMyznyEWj1EGUTtG6hhw8Y75GQZBRDqp7VtErvkNZvrL-ksxMn03DRDkU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEJQTBN3dn-wNaRSVmw4z9WM&google_cver=1&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZvNU1DO-ExmuzthquM
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DCD26DE5EEC402096EE9554EBE3006B&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZ...

170 B
232 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DCD26DE5EEC402096EE9554EBE3006B&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZvNU1DO-ExmuzthquM

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 15 Mar 2023 04:21:53 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2DCD26DE5EEC402096EE9554EBE3006B&google_push=Aa02lx92cpBkO3zVpTf8CmajyEIADsRvVJ_6SV6y5B6JLkBHis0RFh0Z8xBwLqB6EjCiWEi_WUyTFFhUJud-AGZvNU1DO-ExmuzthquM
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Tue, 14 Mar 2023 04:21:53 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame BCC1 0
173 B 86ms
28ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEM0N4wxFlzL2uUMl9_tNLZ0&google_cver=1&google_push=Aa02lx9vEWPUBuNoL7gAFV5oT0O5Z9UlsJs4tFipJdpXwH7X8lz0oARcebjWHyCCGf_erAuwOi8_jptyjW8mmnW-0izJS2FCaHN8PBWE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1973347523&pi=t.aa~a.122774332~i.25~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=1&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280%2C1110x280&nras=4&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2977&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=x72acE2DRJ&p=https%3A//biiut.com&dtd=21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHMdjqb7V97W1vkorc8I6mk&google_cver=1&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTcyNDk1Mg%3D%3D&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86PbVl...

170 B
232 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTcyNDk1Mg%3D%3D&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86PbVl9IVO_cBiSG4Hw

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzIxMDYyMzUxMDA5MTcyNDk1Mg%3D%3D&google_push=Aa02lx-_3ig6S7AquJ6Wi047TSuQog4qjoIp8WeLVl38YdBjb_9DLv8O70520Ia4zysVIGaArAm1LMXWSn4K86PbVl9IVO_cBiSG4Hw
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKs3DPI45oUii5eTgCe7b2k&google_cver=1&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKs3DPI45oUii5eTgCe7b2k&google_cver=1&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhs...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDcxNDY0NzYxOTUzNzQ3Mw&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBR...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDcxNDY0NzYxOTUzNzQ3Mw&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0ZABjsX_GCsq7uDMoZk0Ru-c

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njc3MDcxNDY0NzYxOTUzNzQ3Mw&google_push=Aa02lx9VFke5BeAi7e-gwDSQ1ubgSlGs4rLcPL8doxrW6-xrwV2fbEK23B6XJK3FVNUougrCdhsjBRa0ZABjsX_GCsq7uDMoZk0Ru-c
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAtNUDWGAQNh-aWPYmeuweM&google_cver=1&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUm...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEAtNUDWGAQNh-aWPYmeuweM&google_cver=1&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUm...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M&google_hm=GUAlsGZHoalFA0KaSje...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M&google_hm=GUAlsGZHoalFA0KaSjeJGk4t

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 15 Mar 2023 04:21:53 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx-f1LuLth78sZXf07y2lpBnQiFo2TC5FVWduIKG1n-z74hcIi6-yuMp55s0LPxRAbPpfg84kNWM8hy94hiUmltSeYh4zGPLX6M&google_hm=GUAlsGZHoalFA0KaSjeJGk4t
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEMVLIpGOvB-sVHpkeR9-zoM&google_cver=1&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK8CZwY6FfWew&google_hm=OTM5O...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK8CZwY6FfWew&google_hm=OTM5ODA1MTUwMTEwNDE3NDMy

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=Aa02lx_FVmF0-3tjPbciUJ1LtjbD-8p_GdLRIm0g4zxi_kPEdDFN5gYQKEbZr0UHKSq5DAGZ9qtgDipkenN-5L8ZzEe-4XK8CZwY6FfWew&google_hm=OTM5ODA1MTUwMTEwNDE3NDMy
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCC1
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEBOitCv97HOzz7ejPM15LHU&google_cver=1&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuT...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEBOitCv97HOzz7ejPM15LHU&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuT...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg&google_hm=YW9oc1FzZU...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg&google_hm=YW9oc1FzZUJ1MElvS3p0RkJncjI=

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Mar 2023 04:21:53 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=Aa02lx8pOaf76NGCyyrmi5be9GHCLz_ceBJLmcrZt2KChXxPlzBAzpwPsNgdB7vb2qpVt4wRSOkuTH4L9jepYb0LIcNLOKrk0CVA_kVOyg&google_hm=YW9oc1FzZUJ1MElvS3p0RkJncjI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 246
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame BCC1 0
40 B 94ms
27ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5zmHsXXCxGxjzJwKbHqbeF7tsGTsjg4PfD_8OEqf2ZR9wc3ftJhPFrlJOu0IDuwkzPPxgRVU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B14B
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_hm=ZBFH4YcbbyxeuMOYzU5uUgAACJwAAAIB&google_nid=index&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvL...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_hm=ZBFH4YcbbyxeuMOYzU5uUgAACJwAAAIB&google_nid=index&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvLdGdCEkzxP8tVl1osx9-MaY_ybjgUM5Nys1y4Z-85AA8pqUdNki2_qZoWRXYB0rqxfEQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJsbpIl3CrnCbkqauLVPnT4&google_hm=ZBFH4YcbbyxeuMOYzU5uUgAACJwAAAIB&google_nid=index&google_push=Aa02lx945EdPCY_fBPNOtOPeho3JAdFl_hVvLdGdCEkzxP8tVl1osx9-MaY_ybjgUM5Nys1y4Z-85AA8pqUdNki2_qZoWRXYB0rqxfEQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B14B 0
498 B 435ms
105ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAa02lx90laiziQYfTNYQfnKUnIMsRoeDknK61ntFuD-868Kp25wCKvVGyGj6pSY9-foPqMzxCVFR5jv4Fj6cGqXx2N3CtpKkNL6reWAM%26google_hm%3D%5BUID%5D&google_gid=CAESEG_q2Hf8iNZ_YnFDUvEJvC8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-73
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B14B
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEMA9abxQlKgWSYHaupa8__A&google_cver=1&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOz...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMA9abxQlKgWSYHaupa8__A&google_cver=1&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQD...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=E0E1DojYSWyO3Io125cqYA&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQ...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=E0E1DojYSWyO3Io125cqYA&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOzBCT6--kvd3

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=E0E1DojYSWyO3Io125cqYA&google_push=Aa02lx84GTfd3Qm8o5WZo0o6oNLOcHQZnapqhe7gu5BWd-peDqVhK1VNP53aUlPexuuSwQQHjcNiwFWquzqCemQDMGYIOzBCT6--kvd3
access-control-allow-origin: *
date: Wed, 15 Mar 2023 04:21:53 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame B14B 0
44 B 853ms
277ms Image
text/plain 52.192.206.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEAjDfNLijKQqiflKei6P_w8&google_cver=1&google_push=Aa02lx-gbothMeHRUDo-BtU7xQySJ38e6arWGpmOqbF2CK16jnG382R5WIqh8XydMzpW1-3ggr_TpLSuoFArcat5rKOe6hYgiKXxnf0l
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.206.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-206-43.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B14B
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESECW5Tsde1KM-nj9aw9TGf0M&google_cver=1&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlT...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlTaOgtChYzT_kYHf0GrtqVl2NeW41W81C5SpUnmX_e_fgH3JzfA&google_hm=QlMuYmI0MC1l...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlTaOgtChYzT_kYHf0GrtqVl2NeW41W81C5SpUnmX_e_fgH3JzfA&google_hm=QlMuYmI0MC1lMGNkLTQ3YzgtODgxOA==

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=Aa02lx9RVWAmWfu30LTEpYMlS7ttU0sWSuJEzKeBqHWs7X_UJpSR1GIlTaOgtChYzT_kYHf0GrtqVl2NeW41W81C5SpUnmX_e_fgH3JzfA&google_hm=QlMuYmI0MC1lMGNkLTQ3YzgtODgxOA==
Date: Wed, 15 Mar 2023 04:21:53 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H2 204 v1
match.sharethrough.com/E4rooAtA/ Frame B14B 0
34 B 98ms
20ms Image
text/plain 3.67.240.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEN1fZGi_NpiwDrqrw4QmdmU&google_cver=1&google_push=Aa02lx8i1AhL2ISGe8xDR8uNwKKMzv8d61_1cUMCpXQXJiK7Yf_BqkK8aiV3mZtig4ereLeOaB74lApOSBS4Z2s2lTOdsnVwIXrUAhzwBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.67.240.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-67-240-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B14B
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEFId5UKdsKngoCf8PHxetSY&google_cver=1&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj9jjxzHMZA&google_hm=2eb9d881...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj9jjxzHMZA&google_hm=2eb9d881e1b6300fd429763dd2426d63

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aa02lx_dBo9Nhj4II_WL-FVxExZHG_XZa38BnwEOFf7nj3fcglJ3mzuk-EHj00vn0msAIvITJ2iDvG8FbOhWED8kPp1MRDdJj9jjxzHMZA&google_hm=2eb9d881e1b6300fd429763dd2426d63
date: Wed, 15 Mar 2023 04:21:53 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B14B 0
40 B 89ms
28ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IigylXRouM2-3tUghXcWXfCHYVDZMr3Oj_eppfWaORve0L72Sa_LWCHiaVnofSZigLndvIcR9y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 54FA 28 KB
28 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 19:36:43 GMT
x-content-type-options: nosniff
age: 463510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 19:36:43 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame A5C1 20 KB
20 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 15:30:25 GMT
x-content-type-options: nosniff
age: 391888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 15:30:25 GMT

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame C9E2 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=1350428537&pi=t.aa~a.122774332~i.19~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=1&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0%2C1110x280&nras=3&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=vOL79lsvTF&p=https%3A//biiut.com&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 21:43:48 GMT

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame 446F 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4560798559938298&output=html&h=280&adk=3773788485&adf=676203826&pi=t.aa~a.122774332~i.4~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1678854112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3950815023&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fbiiut.com%2Fread-blog%2F55557&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678854112489&bpp=2&bdt=2056&idt=-M&shv=r20230313&mjsv=m202303060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D3af37100a5f07a8a-222718e74edd0081%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A&gpic=UID%3D00000bc5dbca76be%3AT%3D1678854112%3ART%3D1678854112%3AS%3DALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA&prev_fmts=0x0&nras=2&correlator=760388147631&frm=20&pv=1&ga_vid=2071856039.1678854112&ga_sid=1678854112&ga_hid=963577728&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=115&ady=1291&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44777876%2C44759875%2C44759837%2C31073106&oid=2&pvsid=132649832603492&tmod=2045826102&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jjjN2z2utl&p=https%3A//biiut.com&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 21:43:48 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0461 15 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 413042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 09:37:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0461 15 KB
15 KB 31ms
30ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 424963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:19:10 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0461 15 KB
15 KB 24ms
24ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 21:07:17 GMT
x-content-type-options: nosniff
age: 371676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 21:07:17 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 37ms
35ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230313&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed4832e4b8f18785effdd2240d32c54e2878c63fa0289001458f9162bd8f03ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11379
x-xss-protection: 0

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame D9B1 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 21:43:48 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 04:21:53 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9521 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Mar 2023 23:54:48 GMT
expires: Wed, 13 Mar 2024 23:54:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 488B 783 B
535 B 30ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b4fe4595f306e845f6b7487b1460a04406edc0822f3529ea3021f6bab9c0318

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1rO2_R32uZxILx7fguEqoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://biiut.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-1rO2_R32uZxILx7fguEqoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 Mar 2023 04:21:53 GMT
expires: Wed, 15 Mar 2023 04:21:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 488B 0
0 62ms
62ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230313&jk=132649832603492&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9521 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WygWmAr8N2thj-jBdqJCiD6QGZJ45ru74cfJMvWtULI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 21:43:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 283085
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14129
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 21:43:48 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9521 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?EI-sNA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 04:21:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
55ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230313&jk=132649832603492&bg=!LS6lLnrNAAZKh9k7aoc7ADkAdvg8WqmRRTroMZFq8PwoWqDBNpZTG4IWZObWrSDX7-KS_mZijYR_3_XiLAvK1himzUvGDDsNDiECAAAASVIAAAAEaAEHmQKupNqy0Ws8YVLRnl-oL6CABvyspAnWgWF25fZOnLdk6hPwcNvXunLGT3MTCg4YtD3Q5i3jf0VEOyDlq7TUc2b9P7FEnSZ1-eFhgeT2s60517pAVTW3j-ApLTZviKz4Yg9svFH21SlUjuomETop9uFuSEmCceVKXy_cgj1sT1139ethqSOtNUyZPDprrKQbiY8ir6z5mlLUsnIpGxnXLTuyrllK-IVDwQ9GdJ4Nox5CcsBma7ZywmpI4hi9sDyMLzR_Tg0thQzLkkd4xcKKPrp0dV06UPyUsc_irYLRCi7tYEKEtfGN0vX-wk0Gxz6E8KQs-RZKjJMon5TJIhy0qBaElkEU_wP-tu36kH8ZrBg__oCndrc1VdSw6ngzess4mR0D40qVJFTdC32kujBeqWiJAUk_2t-_gdJqlbyeMT7QbH6le-TIBzP7JFoH2OhHAZEZ50HWgGldcQsZnCR_2HojGDXVwjFnl-BljdreRcvPccpexzqtvl_wE_nOkY0FeEn6lC3MG_B1PTUhciPYv2g-GODx6-migXKfcAUMeE_n3BPSV-baLAf-TrxtD0MlC5ttnMTuvSvPJvHxj5hRpO7mPqIHY-lDCnA41h9QOWAYgmJU2DJV6-SNzRnsCeZAi6wXVq0EOrKM96hmbXtCJJ70JYX3QU9QDDD5L_bd1zdkXW4o6SPA9XxzI0RHnD6A67vMBOC7N7VAfa4xWBvY4VcZLqL8WyI44A9XWNZHwzAn-gmxBZc8NOP9h9myYlW6xdAcGWA339ET_oIzRzNK-MYwGR8QFJ0Vy8LpKI2a4qHIc3AiFwOR4jUPtIoo6-gUmMryj1bJDoTaPnasRPwJHodMOBaFIvxqVrNmobwb00IKM93LzIhanxtZ5dxGy692Pkajar4KI2JDzeg20jOngLI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://biiut.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
biiut.com/read-blog	1970-01-20 19:56:54	Name: ad-con Value: %7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2023-03-15%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D
biiut.com/read-blog	1970-01-20 19:56:54	Name: _us Value: 1678940510
biiut.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: fkv48vbfd18ob1271bdplam72e
biiut.com/	1970-01-20 19:56:54	Name: mode Value: day
biiut.com/	1970-01-20 19:06:51	Name: src Value: 1
biiut.com/	1970-01-20 19:56:54	Name: ad-con Value: %7B%26quot%3Bdate%26quot%3B%3A%26quot%3B2023-03-15%26quot%3B%2C%26quot%3Bads%26quot%3B%3A%5B%5D%7D
biiut.com/	1970-01-20 19:56:54	Name: _us Value: 1678940511
.biiut.com/	1970-01-20 19:56:54	Name: _ga Value: GA1.2.2071856039.1678854112
.biiut.com/	1970-01-20 10:22:20	Name: _gid Value: GA1.2.925055233.1678854112
.biiut.com/	1970-01-20 10:20:54	Name: _gat_gtag_UA_250156518_1 Value: 1
.biiut.com/	1970-01-20 19:42:30	Name: __gads Value: ID=3af37100a5f07a8a-222718e74edd0081:T=1678854112:RT=1678854112:S=ALNI_Mbk0cLDiq0kbPb4esdi0c0WYtsN8A
.biiut.com/	1970-01-20 19:42:30	Name: __gpi Value: UID=00000bc5dbca76be:T=1678854112:RT=1678854112:S=ALNI_Mb7U3M8f62kKc8kkaXt-3a6-k6yRA
.doubleclick.net/	1970-01-20 10:20:57	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 19:42:30	Name: IDE Value: AHWqTUmjaLBjhNUiOeKU89J8ArrfJJJIPDyBbpR5fUAoAGEuwf76Xm9npCYSIBLPOnY
.3lift.com/	1970-01-20 12:30:30	Name: tluid Value: 224310867767527793775
.adfarm1.adition.com/	1970-01-20 12:30:30	Name: UserID1 Value: 7210623510091724952
.ctnsnet.com/	1970-01-20 19:06:30	Name: cid_f60b313d5d0f4305b678bcb07d7d1017 Value: 1
.ctnsnet.com/	1970-01-20 19:06:30	Name: gid_CAESENWm0gYrSmucs4sf2bWnjcE Value: 1
.blismedia.com/	1970-01-20 19:06:34	Name: b Value: 641147E1F0807FF3E203BF3ABLIS
.simpli.fi/	1970-01-20 19:07:56	Name: suid Value: 2DCD26DE5EEC402096EE9554EBE3006B
.lijit.com/	1970-01-20 19:06:30	Name: ljt_reader Value: GUAlsGZHoalFA0KaSjeJGk4t
.adform.net/	1970-01-20 11:05:32	Name: C Value: 1
.360yield.com/	1970-01-20 12:30:30	Name: tuuid Value: 1341350e-88d8-496c-8edc-8a35db972a60
.360yield.com/	1970-01-20 12:30:30	Name: tuuid_lu Value: 1678854113
.casalemedia.com/	1970-01-20 19:06:30	Name: CMID Value: ZBFH4YcbbyxeuMOYzU5uUgAA
.casalemedia.com/	1970-01-20 12:30:30	Name: CMPS Value: 2204
.casalemedia.com/	1970-01-20 12:30:30	Name: CMPRO Value: 2204
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Q3z8Sxw9y9z0i0O8yjITg2y1K3K9wUACslW3R4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSsjS2tDAwNTQ1MDQ0MDE0NzE2EuIz1A30iMpwyY30L3F1MwcA0zdwMCQAAAA
.rfihub.com/	1970-01-20 19:42:30	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Q3z8Sxw9y9z0i0O8yjITg2y1K3K9w3iNTQzt7AwNTE0NDYytHzFiMw3MgAAr4obLT0AAAA
.rfihub.com/	1970-01-20 19:42:30	Name: rud Value: H4sIAAAAAAAA_-MSsjS2tDAwNTQ1MDQ0MDE0NzE2EuIz1A30iMpwyY30L3F1MwcA0zdwMCQAAAA
.adform.net/	1970-01-20 11:47:18	Name: uid Value: 6770714647619537473
.mediago.io/	1970-01-20 19:06:30	Name: __mguid_ Value: 2eb9d881e1b6300fd429763dd2426d63
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8753\|ZBFH5
.zemanta.com/	1970-01-20 19:06:30	Name: zuid Value: aohsQseBu0IoKztFBgr2
.id5-sync.com/	1970-01-20 10:20:54	Name: cf Value:
.id5-sync.com/	1970-01-20 10:20:54	Name: cip Value:
.id5-sync.com/	1970-01-20 10:20:54	Name: cnac Value:
.id5-sync.com/	1970-01-20 10:20:54	Name: car Value:
.id5-sync.com/	1970-01-20 10:20:54	Name: gdpr Value:
.id5-sync.com/	1970-01-20 10:20:54	Name: callback Value:
.c.appier.net/	1970-01-20 19:06:30	Name: _auid Value: AQHicQBjCGmC3Rxi4UcRZA
.c.appier.net/	1970-01-20 11:04:06	Name: _gu Value: CAESEKjP6RVL6P9UL_hknNa5-QQ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.rfihub.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
biiut.com
c1.adform.net
cc.adingo.jp
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
dsp.adfarm1.adition.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
id5-sync.com
im.bluevoox.com
match.360yield.com
match.sharethrough.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
s3.us-west-1.wasabisys.com
ssum-sec.casalemedia.com
sync.go.sonobi.com
sync.inmobi.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
um.simpli.fi
unpkg.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.237.2.51
139.162.78.222
142.250.185.98
162.19.138.118
185.80.39.216
193.0.160.131
20.127.253.7
216.52.2.86
2606:4700::6810:7daf
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2001
2a03:2880:f084:d:face:b00c:0:3
2a04:4e42:200::485
3.67.240.173
34.91.62.186
34.96.105.8
35.186.193.173
35.208.249.213
37.157.4.39
38.146.40.19
51.89.9.253
52.192.206.43
52.208.99.252
52.45.175.185
69.166.1.12
70.42.32.255
76.223.111.18
85.114.159.118
00ca801cf6dd34726490fc1d0b3ab73a0bd59948beda8b60a6ab453c63c95a24
0768119997d40c04b6089821d3f39588f7b1bab944317b38f775e03c30424c3b
09fb46e64a5e074b658f667942ab9d3676aefedbe1ffb88e993b64cd9f707d5f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f8d789c8c63f74ba250813636eb86bdf629aeb708bcba761c58effadfd9422e
10b49c7e28a4418531647ec1e037a265ec98e067dcc3d9a3ddb6d605955312e0
10cea3a1d21d152f55cf2cbfd66108118f3dcfc3ad72895105169eef42e4ddec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b68bc7f2116741a1416a43a9e253d79afbcb25b603ab544c7fdf79c5959b468
1b8079af098eea5a95928b7bd5c6182e155eabb422cf72895e727172e0868d73
2600ce52f64d2bb7f1b315eea37ec66e1350c2d81787216d6166dad19a1ed9c1
2c8ab1c671ff89447449455910c278c1fbd8e1db477f0c32aa87d0424cf64261
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
317f149045d69a8bf445de8bbd3ff61b2cc95da746998e97f4381dfe3326c7f7
31bf132414b94f78150182de95e509e584292fa381599d8d8b9ecbd8f4d6de6f
340c70065b47dff8d7b6f4592854f7defdc068348f4c341c22b9b34b13ba9aa4
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
3b11e1b6e7e59141771ad3268367beb8a65a8e4c9268cd61d49ed8271c1057ea
3d48b8cafe750ee41f121acd16acf90de8f07e04b5a7f8a46c3073eec24c6026
3e06f1f1d7ff87c81c723c7c47b132be3592d0540e666fa5bef1eee543dad340
41f2d67bc7d54d1fc7714c567d05bc33b34173e8088bd52d521d3e8f3b506c9e
424c9f2c32b92bcdca3656b8cc199e975ef7aef76cdd3cc8386fd435d66d5a75
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4663200896ebda7217cd9ad5779273cb030138739612b065f0de950dece7e0ce
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b4fe4595f306e845f6b7487b1460a04406edc0822f3529ea3021f6bab9c0318
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d9e50379350abb45769a5049fc416a2ad6455c413756833d1e1249b617e6550
4dd7ca26366191c4c87d0da61ec047712e0631ec11e521d7a184a048499d27eb
4e3db43e0e3bb334dda61e4f492c3652816bd25f0a7c015e9bab01997b3c3e3f
4fd8a92c0fb92cb92284688822f06b16ce0ed6077d5c7bce687e9962d0fa9cb1
50fa6eada22f53cb20d2461bbd4a4ef64b69f7a0af4d3e1c308183abdd30381f
525d7ed3269b8be512258e4ab4be8c38098e1940618d6d8bffb64d6b00c36ec3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565c02dd7081dc18a9c22f7878fdf85cd6e9f9dee378f78c992a29e98aaf14f3
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aefdd61b6f9d3c22f4f949d878696bffee60cc009f02c0e0e665faad3d51490
5b2816980afc376b618fe8c176a242883e90199278e6bbbbe1c7c932f5ad50b2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6838daba9201ad885ef13c42f4570ff1caea4d4fd602f491493cbbcd038aea7b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cf65655be8f139f3f94f1f2c468d00588cd271f6a9541e73c62e58ebfe764c6
6ebaed6a095c5c59e7380f5623e5bfb030c69322de705d8b06aaf7c59aeeb798
6f28d38df567d7099218f91c1842f6943260abbc19339f0cdb8439c7e261e56d
708ba23153a7718ed0d77915d1f95a5c4de9829d4b22aa8e1a63283328f7ae9c
7318cacab2a05d8689ce8696b1a5b7950cb734234ac68ed94f086f92c44159fc
73ec8932259cd10834767c2ecf41c8f7924516bd6037526f5e2112525f63df1e
7b3cabe5228f518d38cf72ca37179f6014f2adb01cc9fa183d87025d0b5ac448
80583b000cf3233a28609fa79cfc84bc659b98d097f8ae64852d1027dd612823
8511b3608ee3391e3f6a006ea476f62ddce8cfff29115277d56bf1c555341821
85e0166b7fcbfe659e1f32aa02265d0af2480bbd99d2d0a91cfcc53da14a4ed7
920cd13901db3df43b834b71583becded744b238626e6a84715177b2ab6f9f43
923c682c2c4419614f27aca2b64d30641c0fa58cc6778f0f538219b7a7016ae6
998b778581b6ca86c5d33af22feb263064a7be2afa604663b4a88e1266c696e0
99fd5b173efa7b03e791fb79ba276034235a94e3035b6d5ff9c2e63b329cffc7
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2da02163db902793c4bfc3a2b40a0555176ae2971339ec4cec0bb1f107b4fa3
a2e1738435fa9cc3bee3dddac73a988a7c4b12a2cbd909bc00e82c0ce936ca8d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67742a9db92c3f1fba7aad828ca1c55f0a7d35084fc8d2befd315a556d2b83d
a71a7814b44a9f578d65a39f25dbb2419186d856953fee32a85acfbbe84b5f24
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a8809d962a56732e4db4cdea94557fc29c8179b7bed5d5ad70e90bfde650115e
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b359ab4541ab7c6405078002a55d78a760a1f7b3c985f4f8917b5e25920d81ab
b47bfd80aa185f0903315ae94aeb3e6d20b8c183b3d07ff9986983f4faa440a4
bd04bb4978d38fce197da3095bff68da165f6de18d2fc56ac5f1d7fb61c8e947
bfc682d82aaaddd4fced81f7d2985d978c54cfc46a69ea93eaf92712656e14b2
c2128b5b8a9ea02f0830a3b22c37023dae3f287e7ef5d91fbb4ff535c6b30675
c22308edbb8e579501cdd58de2ce245ea13f2d9efde21c79a0938e21094305a3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3180e12eb685444ab411102850ff11a8dbf30e573348e0ad8a82cefb49132f1
c687f6b1f8bbbe02f68cc724afdbef7e7954f58fb38473b1b82d0c2e32c652a8
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb4ec597764d44492ac20e31d89a2c16f6c77d3fbe8d926defcb2e66fd35fb97
cf835cf4068f4e57f593aa6d20c629f4c3b02518078beef1e438bc2e6c334597
d081e2384403050591bb5f121de99aa83f496e9520fdbcbe042541730cf510f6
d3ab836bf8e4f7279e3d2acf59feaebdbd4965b063bcbcc225261ecb069f5e3e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dad48b8d492e76b2626678c443126dba1dec938a228611f7571abb3f86211a91
e071b6074f72141eb7ebd787d1ee51be7b38290505ae277136b1cb4af64c2de4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2a4f3d1e938126cc98985cbc1234775884b4ed8883f0aff6244899aef34f275
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6de5456b614ff897853faa2d26597bd3127fea58d1d256d7c32eee342423936
ed4832e4b8f18785effdd2240d32c54e2878c63fa0289001458f9162bd8f03ad
f0bff839d71c8655ca1f74c8ebfb251be9ee95a148096ebf0af69f0324247548
f340702ac88c0389c054af1fb8af14bd12bfeb2ad600add390409aff7e83b097
f35730d034c52f9003a7418b37c095ef7cc21dfdf02bf809a7380705d0d0b54e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5f49770d9b13beb49ce66866cd25b9fc5a19b3c28297c3785d0e606a84f7fcf
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f81601bcbb0d05f59578d7a7cb0b283d8ede32c0da454b7f9f9c66d865220315
fb7bd3f8e05835e2b81aacb7207cedd7e908f52f46fbae03e72c1908da987b6a
fd13946495aa1bf835050c02d49cbed5a155e8c2ef4077ea533c044341f908d7

biiut.com Open in urlscan Pro 104.237.2.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

158 Requests

88 %HTTPS

41 %IPv6

35 Domains

39 Subdomains

25 IPs

9 Countries

2575 kBTransfer

7917 kBSize

43 Cookies

7 Outgoing links

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

biiut.com Open in urlscan Pro
104.237.2.51 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

88 %
HTTPS

41 %
IPv6

35
Domains

39
Subdomains

25
IPs

9
Countries

2575 kB
Transfer

7917 kB
Size

43
Cookies

158 HTTP transactions
11 data transactions