h1bdata.info Open in urlscan Pro
3.66.136.156 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://h1bdata.info/
Effective URL:
https://h1bdata.info/
Submission: On March 08 via manual (March 8th 2022, 4:31:22 pm UTC) from US — Scanned from DE

Summary HTTP 107 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 33 domains to perform 107 HTTP transactions. The main IP is 3.66.136.156, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is h1bdata.info. The Cisco Umbrella rank of the primary domain is 291368.
TLS certificate: Issued by R3 on March 2nd 2022. Valid for: 3 months.

This is the only time h1bdata.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	3.66.136.156 3.66.136.156	16509 (AMAZON-02) (AMAZON-02)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.222.210.175 52.222.210.175	16509 (AMAZON-02) (AMAZON-02)
4	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:3a2a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2490:400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700:20:... 2606:4700:20::681a:623	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.36.109.47 54.36.109.47	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	18.235.17.58 18.235.17.58	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	35.87.102.183 35.87.102.183	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	18.158.52.79 18.158.52.79	16509 (AMAZON-02) (AMAZON-02)
2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
4	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
4	2606:4700:20:... 2606:4700:20::681a:a19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
4	104.22.68.131 104.22.68.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	92.122.147.230 92.122.147.230	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	147.75.38.124 147.75.38.124	() ()
1	67.202.105.31 67.202.105.31	() ()
107	38

17 3.66.136.156 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com

h1bdata.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

netdna.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3a2a (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

stream.playbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:623 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-35-87-102-183.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.47 (France)

ASN16276 (OVH, FR)
PTR: p02.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.17.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-17-58.compute-1.amazonaws.com

prd-collector-anon.ex.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.87.102.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-87-102-183.us-west-2.compute.amazonaws.com

v4-api-35-87-102-183.b2c.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.52.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-52-79.eu-central-1.compute.amazonaws.com

pb-server.ezoic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)

prebid.smilewanted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.147.230 (Milan, Italy) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-147-230.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (None, )

ASN- ()

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122	120 KB
17	h1bdata.info 1 redirects h1bdata.info — Cisco Umbrella Rank: 291368	101 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	202 KB
6	gstatic.com www.gstatic.com	25 KB
4	smilewanted.com prebid.smilewanted.com — Cisco Umbrella Rank: 6722	664 B
4	adpone.com rtb.adpone.com — Cisco Umbrella Rank: 13511	3 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 412	13 KB
4	ezoic.com pb-server.ezoic.com — Cisco Umbrella Rank: 9353	3 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	b2c.com 1 redirects api-35-87-102-183.b2c.com v4-api-35-87-102-183.b2c.com	7 KB
4	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	97 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 275	40 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 7742 ezodn.com — Cisco Umbrella Rank: 7515 g.ezodn.com — Cisco Umbrella Rank: 57407	217 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1229	2 KB
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 488	11 KB
2	bootstrapcdn.com netdna.bootstrapcdn.com — Cisco Umbrella Rank: 2682	26 KB
1	tynt.com ic.tynt.com
1	a-mo.net 1 redirects prebid.a-mo.net	317 B
1	1rx.io tag.1rx.io — Cisco Umbrella Rank: 1169	168 B
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 689	309 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3978	884 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 797	499 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5671	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	39 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	ex.co prd-collector-anon.ex.co — Cisco Umbrella Rank: 8734	134 B
1	playbuzz.com stream.playbuzz.com — Cisco Umbrella Rank: 26039	229 KB
1	ezoic.net go.ezoic.net — Cisco Umbrella Rank: 8598	2 KB
1	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 7566	936 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
107	33

	Domain	Requested by
17	h1bdata.info	1 redirects h1bdata.info
9	pagead2.googlesyndication.com	h1bdata.info securepubads.g.doubleclick.net tpc.googlesyndication.com www.gstatic.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
6	www.gstatic.com	d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
5	securepubads.g.doubleclick.net	h1bdata.info securepubads.g.doubleclick.net
4	prebid.smilewanted.com	go.ezodn.com
4	rtb.adpone.com	go.ezodn.com
4	fastlane.rubiconproject.com	go.ezodn.com
4	pb-server.ezoic.com	go.ezodn.com
4	code.jquery.com	h1bdata.info code.jquery.com
4	c.amazon-adsystem.com	h1bdata.info c.amazon-adsystem.com
3	www.google.com	1 redirects tpc.googlesyndication.com d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
3	fonts.googleapis.com	client d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
3	api-35-87-102-183.b2c.com	1 redirects h1bdata.info
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
2	ssum.casalemedia.com	2 redirects
2	ib.adnxs.com	go.ezodn.com
2	d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	netdna.bootstrapcdn.com	h1bdata.info
1	ic.tynt.com	go.ezodn.com
1	prebid.a-mo.net	1 redirects
1	tag.1rx.io	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	hb-api.omnitagjs.com	go.ezodn.com
1	onetag-sys.com	go.ezodn.com
1	ghb.adtelligent.com	go.ezodn.com
1	www.googletagservices.com	d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	v4-api-35-87-102-183.b2c.com
1	prd-collector-anon.ex.co	stream.playbuzz.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	cdn.id5-sync.com	h1bdata.info
1	g.ezodn.com	ezodn.com
1	stream.playbuzz.com	h1bdata.info
1	go.ezoic.net	h1bdata.info
1	ezodn.com	h1bdata.info
1	api.fouanalytics.com	h1bdata.info
1	www.googletagmanager.com	h1bdata.info
1	go.ezodn.com	h1bdata.info
107	42

This site contains links to these domains. Also see Links.

Domain
levels.fyi
www.levels.fyi
www.ezoic.com
en.wikipedia.org
www.foreignlaborcert.doleta.gov
g.ezoic.net

Subject Issuer	Validity	Valid
h1bdata.info R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.ezoic.net Amazon	`2022-01-16` - `2023-02-14`	a year	crt.sh
*.playbuzz.com Go Daddy Secure Certificate Authority - G2	`2021-07-12` - `2022-08-13`	a year	crt.sh
cdn.id5-sync.com R3	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.ex.co Go Daddy Secure Certificate Authority - G2	`2021-11-06` - `2022-11-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.ezoic.com Amazon	`2021-09-29` - `2022-10-28`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://h1bdata.info/
Frame ID: E1C66C6EB41DA99D04C16D0CF26ADC36
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/zrt_lookup.html
Frame ID: 9B409064F876B8FC1D8F4F3B451D0202
Requests: 1 HTTP requests in this frame

Frame: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 45D347FB39431716863E18956E1679A0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB1E21B71920323F0E657C10D18E3511
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD81BE7A06087C91D83E1598784B52B3
Requests: 2 HTTP requests in this frame

Frame: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4E23F40FA5CCD25C21957DA77D123BDA
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/f0bb7a1f705d608239f854e986aba8ab.js?tag=client_fast_engine_2019
Frame ID: 2C2BDEB805C2F8A79C8008F9C3B61A3C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9B846CE4E3D2962A69D3C4EEF00D0217
Requests: 2 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 6E9FBA8D496CDE2352C9C97745BFDA35
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H1B Visa Salary Database 2022 - By Employer, Job, or City

Page URL History Show full URLs

http://h1bdata.info/ HTTP 301
https://h1bdata.info/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

107
Requests

97 %
HTTPS

55 %
IPv6

33
Domains

42
Subdomains

38
IPs

8
Countries

1212 kB
Transfer

3941 kB
Size

32
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://levels.fyi/services/?ref=h1bdata.info
Title: Negotiate

Search URL Search Domain Scan URL

URL: https://www.levels.fyi/services/resume/?ref=h1bdata.info
Title: Resume

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Labor_Condition_Application
Title: LCA

Search URL Search Domain Scan URL

URL: http://www.foreignlaborcert.doleta.gov/performancedata.cfm#dis
Title: United States Department of Labor (DOL)

Search URL Search Domain Scan URL

URL: https://g.ezoic.net/privacy/h1bdata.info
Title: Privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://h1bdata.info/ HTTP 301
https://h1bdata.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://api-35-87-102-183.b2c.com/api/x?Hk6SS6DhkAfJEs5N$dXJsJDAkaHR0cHM6Ly9oMWJkYXRhLmluZm8vIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRlbiQwJDAiLCJ2aXNpYmlsaXR5U3RhdGUkMCR2aXNpYmxlIiwiaGFzRm9jdXMkMCQxIiwid2luZG93JDAkMTYwMHgxMjAwIiwicGl4ZWxyYXRpbyQwJDEiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDEkMSIsImFwcENvZGVOYW1lJDEkTW96aWxsYSIsImFwcE5hbWUkMSROZXRzY2FwZSIsImFwcFZlcnNpb24kMSQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQyJHRydWUiLCJkZXZpY2VNZW1vcnkkMiQ4IiwiZG9Ob3RUcmFjayQyJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMiQ0IiwibGFuZ3VhZ2UkMiRlbi1VUyIsInBsYXRmb3JtJDMkTGludXggeDg2XzY0IiwicHJvZHVjdCQzJEdlY2tvIiwicHJvZHVjdFN1YiQzJDIwMDMwMTA3IiwidXNlckFnZW50JDMkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk5LjAuNDg0NC41MSBTYWZhcmkvNTM3LjM2IiwidmVuZG9yJDMkR29vZ2xlIEluYy4iLCJ2ZW5kb3JTdWIkMyQiLCJuYXZpZ2F0b3ItaGFzaCQ3JDI0YTExMDUyIiwibmF2aWdhdG9yLXRpbWUkNyQ0LjEiLCJzZW5kQmVhY29uJDckMSIsImZvbnRyZW5kZXIkMTAkMSIsInRpbWUkMTAkMTY0Njc1NzA3NzMwMiIsInRpbWV6b25lJDEwJDAiLCJwbHVnaW5zLXRpbWUkMTAkMC4yIiwicGx1Z2lucyQxMCRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkMTAkMTQuMyIsIm1lbS11c2VkSlNIZWFwU2l6ZSQxMCQxMi43IiwibWVtLWpzSGVhcFNpemVMaW1pdCQxNCQzNzYwIiwidGltZS1mZXRjaFN0YXJ0JDE0JDc5IiwidGltZS1kb21haW5Mb29rdXBTdGFydCQxNCQ4MCIsInRpbWUtZG9tYWluTG9va3VwRW5kJDE0JDgwIiwidGltZS1jb25uZWN0U3RhcnQkMTQkODAiLCJ0aW1lLWNvbm5lY3RFbmQkMTQkMTExIiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkMTQkOTUiLCJ0aW1lLXJlcXVlc3RTdGFydCQxNCQxMTEiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkMTQkNjMwIiwidGltZS1yZXNwb25zZUVuZCQxNCQ2NzAiLCJ0aW1lLWRvbUxvYWRpbmckMTQkNjMzIiwidGltZS1kb21JbnRlcmFjdGl2ZSQxNCQxMTIyIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQxNCQxMTIyIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkMTQkMTE0OSIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQxNSQwIiwibmF2aWdhdGlvbi10eXBlJDE1JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDM1JDEuOCIsImdsb2JhbHMkMzUkNGYxZTNkMmMiLCJkb2N1bWVudC10aW1lJDQ1JDIuNiIsImRvY3VtZW50JDQ1JDkwMmQwYmMzIiwiY29ubmVjdGlvbiQ0NiQiLCJkb3dubGlua01heCQ0NiQiLCJnZXRVc2VyTWVkaWEkNDYkMiIsInBhZ2UtZnJhbWUtY291bnQkNDckMSIsInBhZ2UtZnJhbWUtbGlzdCQ0NyQweDAjZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0IiwicGFnZS1oYXNoLXRpbWUkNTAkMy41IiwicGFnZS1oYXNoJDUwJDMwMmVjZjE1IiwiZm9udCQ1OSQxMDAwMDAwIiwic3R5bGUtaGFzaCQ2MCQzNGQ3NmEzMiIsInN0eWxlLXRpbWUkNjAkMC42IiwiYXVkaW8tY29kZWMkNjEkMjIyMTIiLCJ2aWRlby1jb2RlYyQ2MSQyMjIwMDAiLCJjbG9jayQ2OCQyNjk2Iiwic29ydCQ4MCQxMi44Iiwic3RhY2skODIkMTM5ODIiLCJzdGFjay1lcnJvciQ4MiRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkODIkMS40Iiwid2ViZ2wkODkkMSIsIndlYmdsMiQ4OSQxIiwid2ViZ2wtdmVuZG9yJDg5JEludGVsIEluYy4iLCJ3ZWJnbC1yZW5kZXJlciQ4OSRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDg5JGM1MzgyMGZlIiwid2ViZ2wtdGltZSQ4OSQ3LjQiLCJiYXR0ZXJ5JDk2JDEgMSAwIEluZmluaXR5IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ5NiRwcm9tcHQiLCJhdWRpb2NvbnRleHQkOTYkZjdlNzEyZDkiLCJhdWRpb2NvbnRleHQtdGltZSQ5NiQzNCIsImludGVyc2VjdGlvbi1zaXplJDk4JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQ5OCQweDAgMTYwMHgxMTcxIiwiaW50ZXJzZWN0aW9uJDk4JDEwMCIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQxNTckcHJvbXB0IiwicGVybWlzc2lvbi1jYW1lcmEkMTU3JHByb21wdCIsInBlcm1pc3Npb24tbWljcm9waG9uZSQxNTckcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkMTU3JHByb21wdCIsImFkYmxvY2skMTU3JDAiLCJmcmFtZXJhdGUkMTcyJDMw HTTP 302
https://v4-api-35-87-102-183.b2c.com:444/api/4?Hk6SS6DhkAfJEs5N

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 103

https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=1---&C=1 HTTP 302
https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YieE2bWLwbcHQO80qJCeUwAA%261180

Request Chain 104

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=7af0e35b-c161-4f04-bd93-8df88561d524&us_privacy=1---

107 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
h1bdata.info/
Redirect Chain

http://h1bdata.info/
https://h1bdata.info/

151 KB
42 KB

550ms
518ms

Document
text/html

3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/5.5.9-1ubuntu4.29
Resource Hash: 0b18baac866394353dadec33df2bcdac3666acb215e4319fd472024e4213036f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/html
date: Tue, 08 Mar 2022 16:31:16 GMT
display: pub_site_sol
expires: Mon, 07 Mar 2022 16:31:16 GMT
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding Accept-Encoding
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-powered-by: PHP/5.5.9-1ubuntu4.29
x-sol: pub_site

Redirect headers

Cache-Control: public, max-age=86400
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Tue, 08 Mar 2022 16:31:15 GMT
Location: https://h1bdata.info/
Server: nginx
Vary: Accept-Encoding Accept-Encoding
X-Middleton-Display: redirect

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 123ms
60ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

56829f1e573332420e722f269796ff684fbaf25ca63630f98f44b47e185357db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27797
x-xss-protection: 0
server: sffe
etag: "1153 / 66 of 1000 / last-modified: 1646741416"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Mar 2022 16:31:16 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 389 KB
115 KB 153ms
96ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1e66f78d4c959e31c042bd0bec4f3f209e2e674a23d36e176f1a7a2696373d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 08 Mar 2022 16:31:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMJfMWwHnLql2lpdF6m%2BsRiQKHinOw0BLkS2k3peDwn3vhLYMtgvjcNt%2FVnnvjfac6M1Zb5ieTdXULm3o6J7E4hUFAg9WDmqG3nzMc8uNY4XWwXZil9hRt3gT7JMf9fa82%2B0PmMSeAzrHA8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e8cf5d0afea9119-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 116ms
31ms Script
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 865
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0ZH5ES8R2W7K0F726Q6T
date: Tue, 08 Mar 2022 16:16:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: q85Vd9j51wY9vjXz48HtFjDUffCbWwfaMF2hG-nQS9kf-XkW1NAhzw==

GET
H2 200 banger.js Show response
h1bdata.info/porpoiseant/ 53 KB
12 KB 31ms
30ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/porpoiseant/banger.js?cb=195-3&bv=103&v=57&PageSpeed=off
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 99001d2d16c2c7e3831486d8f962a50e08c4c5cce15826d8c69e985fe282faea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 jquery-ui.min.css
code.jquery.com/ui/1.10.3/themes/smoothness/ 26 KB
5 KB 74ms
28ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.min.css
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-693b"
vary: Accept-Encoding
x-hw: 1646757076.dop251.am5.t,1646757076.cds227.am5.hn,1646757076.cds149.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 5237

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ 90 KB
32 KB 74ms
29ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-169d5"
vary: Accept-Encoding
x-hw: 1646757076.dop251.am5.t,1646757076.cds227.am5.hn,1646757076.cds015.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.10.3/ 223 KB
59 KB 102ms
59ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.3/jquery-ui.min.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-37aed"
vary: Accept-Encoding
x-hw: 1646757076.dop251.am5.t,1646757076.cds227.am5.hn,1646757076.cds116.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 60381

GET
H2 200 jquery.tablesorter.min.js Show response
h1bdata.info/js/ 27 KB
9 KB 365ms
364ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/js/jquery.tablesorter.min.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c62e1b5544348f430d3a64160c79d5b353d76f2205644cc388fcadd4822610fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
response: 200
last-modified: Fri, 04 Mar 2022 01:55:03 GMT
server: nginx
display: staticcontent_sol
etag: "6c71-5339e3d1e0114-gzip-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: public, max-age=31536000
x-middleton-response: 200

GET
H2 200 theme.blue.min.css
h1bdata.info/css/ 2 KB
657 B 381ms
381ms Stylesheet
text/css 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/css/theme.blue.min.css?ez_used_css_s=1236
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f602ac509ba145313a51553a3842a3a7472b0d6da9a249543c8d4ed85d1f64d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
response: 200
last-modified: Fri, 04 Mar 2022 01:55:03 GMT
server: nginx
display: staticcontent_sol, orig_site_sol
etag: "1294-5339e3d1d93b4-gzip-gzip"
vary: Accept-Encoding, Accept-Encoding,Origin
content-type: text/css
x-middleton-display: staticcontent_sol, orig_site_sol
cache-control: public, max-age=31536000
x-middleton-response: 200
x-sol: orig
content-length: 535

GET
H2 200 bootstrap.min.css
netdna.bootstrapcdn.com/bootstrap/3.1.1/css/ 98 KB
17 KB 91ms
39ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 3659755
cdn-cachedat: 2021-04-13 02:10:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: cc3b94c6c6f0a2cfda68b86a26bef56a
cf-ray: 6e8cf5d0bec0915c-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.js Show response
netdna.bootstrapcdn.com/bootstrap/3.1.1/js/ 28 KB
8 KB 88ms
37ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netdna.bootstrapcdn.com/bootstrap/3.1.1/js/bootstrap.min.js

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 718, 718
age: 3659755
cdn-cachedat: 2021-06-08 12:36:44
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:57 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b6bdb7ea1f9746d37106e2aa6b6b0fbd
cf-ray: 6e8cf5d0cec3915c-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 120ms
55ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1a868c3460caaa4a3fdc36e61f60355e0083c1d54b49406300ab0deb934a4cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53807
x-xss-protection: 0
server: cafe
etag: 11948778812956305485
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Mar 2022 16:31:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 92 KB
37 KB 110ms
44ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-49269421-1

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bf90bbad4c5cc2fab4b27352c6f7652903bb818b552b68a8b0f244bfaefa99aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36933
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 08 Mar 2022 16:31:17 GMT

GET
H2 200 init-1632lqsy2s4fklqsvsii.js Show response
api.fouanalytics.com/api/ 476 B
936 B 264ms
189ms Script
text/javascript 2606:4700:3033::6815:3a2a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1632lqsy2s4fklqsvsii.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3a2a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9848e2e6c0238a66aaf94a28d5a0fd5962f48928632c67426ac1eff330979e2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXOOqdAI5KHY%2BcR0Nnc40%2FzoFMga%2BP%2Bo6TOoLBAKoIgquKqDcfZrNc6IdBE%2Bt6sH6L9wdMwYwFX63TyKtlYm9%2FVj46r92%2FUh9FNmHZtbtHdPLk4QlAkaDUQFze%2F73hJEuSl8BQcSf0mGI1t6ZjHKLF%2BVNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6e8cf5d348139131-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 altconsent.js Show response
ezodn.com/cmp/ 396 KB
100 KB 111ms
56ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ezodn.com/cmp/altconsent.js?v=9
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 04 Mar 2022 07:06:23 GMT
server: cloudflare
age: 346514
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CjH0ctmBEXxNfvXSOlGD0t1MXic4It%2FpPVSyks3v91grtFlPA%2BGbShhylj9yV%2FDhWctEktEUNl%2B7QwXFQSlt9ECSBT59f6Flldhiap4YS1AOz0SVQGdt%2BA2x7KCvhs9H2PUaTHdnnyk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e8cf5d0ceae5c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ezcl.webp Show response
h1bdata.info/utilcave_com/inc/ 1 KB
1 KB 55ms
54ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
x-sol: middleton
server: nginx
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 605

GET
H3 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 53ms
24ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Mar 2023 16:26:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
115 B 100ms
39ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=h1bdata.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

6bf16d997e2120016fb96c45df09b0a91e6f326d3b6b5f2c0fa854a881c029fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Tue, 08 Mar 2022 16:31:16 GMT

GET
H2 200 cmbv2.js Show response
h1bdata.info/detroitchicago/ 67 KB
18 KB 40ms
39ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 17c4f48393a9823060eacb643b1d084489813cdaa0d39e16fc1e1582fb4a7ea2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 150ms
21ms Image
image/png 2600:9000:2490:400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 07:27:28 GMT
via: 1.1 5c0a79476717d213b9c559bafee1c65e.cloudfront.net (CloudFront)
x-sol: middleton
age: 119029
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: pyvWgcIwm58Iq4UUEO45rPKhKs60Wjs0qFTR8feLW8XBjbAMFldsNw==
last-modified: Fri, 04 Mar 2022 01:55:03 GMT
server: nginx
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P6
display: staticcontent_sol
expires: Mon, 14 Mar 2022 07:27:28 GMT

GET
H2 200 sdk.js Show response
stream.playbuzz.com/embed/ 784 KB
229 KB 305ms
190ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.playbuzz.com/embed/sdk.js?embedId=1148bd18-3384-4149-982c-654b348d7859
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ae3b175d09861f981f398662a0789b1cdd24750d6b44b2423db6d45da9402bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: gzip
age: 30769
x-cache: HIT, HIT
access-control-max-age: 600
content-length: 234290
x-served-by: cache-iad-kjyo7100037-IAD, cache-hhn4052-HHN
access-control-allow-origin: *
server: nginx
x-timer: S1646757077.070033,VS0,VE183
etag: W/"c3fb0-TgYAIa+H3wJkNjsi2x0Re/kNOh8"
vary: Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: no-cache
accept-ranges: bytes
access-control-allow-headers: Accept, Authorization, Content-Type
x-cache-hits: 1, 1

GET
H2 200 houston.js Show response
h1bdata.info/detroitchicago/ 4 KB
1 KB 27ms
27ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/houston.js?gcb=3&cb=16
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:16 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1351

GET
H2 200 style.css
g.ezodn.com/cmp/ 15 KB
2 KB 82ms
45ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/style.css?domainId=73160&version=9&cv=5fa625ffffff000000
Requested by: Host: ezodn.com
URL: https://ezodn.com/cmp/altconsent.js?v=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39eda7c628f3c7967290aec8514942939c31bc7999b1dcb6928a55e0fcbeae8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 07:11:23 GMT
server: cloudflare
age: 504977
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzUSQ9646hiILcjmwsmKpElAH5tw8ZEj3B4pQn55eJ8MZDxGv2575MiZsptcaKxrEDq7QIdE3t8kPqpNmsoc%2Flx96A44ek9ctibcxIHLIOuZlBDwSnsjVuWNSA5Qu%2FoEzxAFzQoIIVTzxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e8cf5d36c185c50-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ui-bg_flat_75_ffffff_40x100.png
code.jquery.com/ui/1.10.3/themes/smoothness/images/ 208 B
362 B 48ms
47ms Image
image/png 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.jquery.com/ui/1.10.3/themes/smoothness/images/ui-bg_flat_75_ffffff_40x100.png
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d5dba68ad6a4387aec524a5a83e8c8c3c0b6328ef2aa64a1ed3a4a0f5099685

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://code.jquery.com/ui/1.10.3/themes/smoothness/jquery-ui.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: "611feaca-d0"
x-hw: 1646757077.dop251.am5.t,1646757077.cds227.am5.hn,1646757077.cds238.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 208

GET
H2 200 imp.gif Show response
h1bdata.info/detroitchicago/ 43 B
185 B 41ms
40ms XHR
image/gif 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C5%2C1%2C0%2C37%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A1%2C%22city%22%3A%22Frankfurt%20am%20Main%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A3%2C%22domain_id%22%3A73160%2C%22domain_test_group%22%3A20210309%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1101%2C1102%2C1140%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22ba4bfdec-5777-402e-7f4b-c5fd16c2923b%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%2260313%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A14628%2C%22response_time_orig%22%3A338%2C%22serverid%22%3A%2218.185.45.167%3A31960%22%2C%22state%22%3A%22HE%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1101%2C1102%2C1140%22%2C%22t_epoch%22%3A1646757075%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fh1bdata.info%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A184%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Mon, 07 Mar 2022 16:31:16 GMT

GET
H2 200 cmbdv2.js Show response
h1bdata.info/detroitchicago/ 44 KB
10 KB 51ms
51ms Script
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/cmbdv2.js?gcb=195-3&cb=03-5y0c-5y18-4y59-21&cmbcb=21&sj=x03x0cx18x59&abt=VideoAutoskip
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e07d90580efbfe7793abf82ae4f343bf9e10d0e2986ebc9be5a6fc63f20fcb41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 nmash.js
h1bdata.info/porpoiseant/ 24 KB
6 KB 41ms
41ms Other
application/javascript 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/porpoiseant/nmash.js?v=103
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
last-modified: Fri, 04 Mar 2022 01:55:03 GMT
server: nginx
etag: "6003-5d95acd960bc0;5d95acd960bc0-gzip"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 385 B
739 B 36ms
36ms XHR
application/json 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fh1bdata.info&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: Server /
Resource Hash: dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 15:00:28 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server: Server
age: 5449
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://h1bdata.info
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 385
x-amz-cf-id: LXQqgmktRfBPPWiwo1Wg05GuLclzXiMJFLjwfA2fmO2uVEqtIY9CSg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 52ms
52ms XHR
text/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fh1bdata.info%2F&pid=w7xVCr7RHieyy&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-h1bdata_info-medrectangle-2-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22569402415%2Fh1bdata_info-medrectangle-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-h1bdata_info-box-2-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22569402415%2Fh1bdata_info-box-2%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-h1bdata_info-box-1-0%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%22%2F1254144%2C22569402415%2Fh1bdata_info-box-1%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-h1bdata_info-leader-1-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2C22569402415%2Fh1bdata_info-leader-1%22%7D%5D&schain=1.0%2C1!ezoic.ai%2C24936462fe159d34afad130c55521905%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.210.175 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-210-175.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: WHHT50G82NHC8KY3RCG4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: zjRRvO6Yd6SES3J08pxyo_NPdqufUd0eoKMOERuKAysSvoJo3VzOYg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 72ms
21ms XHR
application/javascript 52.222.210.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-210-175.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 35089
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
date: Tue, 08 Mar 2022 12:06:41 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: -I3l5CSAF7mzEbM38iqmrS6eNA7cna2-DRsKhg5Q4bctG_-Isj3ruQ==

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 38 KB
11 KB 95ms
11ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: h1bdata.info
URL: https://h1bdata.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Tue, 08 Mar 2022 16:18:56 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10644
x-request-id: 231638035

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 59ms
18ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-49269421-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3384
date: Tue, 08 Mar 2022 15:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 08 Mar 2022 17:34:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/ Frame 9B40 10 KB
5 KB 55ms
9ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220303/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 08 Mar 2022 00:01:43 GMT
expires: Tue, 22 Mar 2022 00:01:43 GMT
cache-control: public, max-age=1209600
age: 59374
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 52ms
21ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1303368735&t=pageview&_s=1&dl=https%3A%2F%2Fh1bdata.info%2F&ul=en-us&de=UTF-8&dt=H1B%20Visa%20Salary%20Database%202022%20-%20By%20Employer%2C%20Job%2C%20or%20City&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=300310774&gjid=1866523493&cid=2114607163.1646757077&tid=UA-49269421-1&_gid=1533603181.1646757077&_r=1&gtm=2ou370&z=377042967

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h1bdata.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pp.js Show response
api-35-87-102-183.b2c.com/s/ 15 KB
6 KB 68ms
31ms Script
text/javascript 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-35-87-102-183.b2c.com/s/pp.js
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5648
etag: W/"620fe3a7-3aa0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwwnTl%2FMKpJkcO7ZLJiLgnhAt1e9EavD7XdNlHFc%2Bwfu3fbIquzKwtBjbBkC%2BIStn9fenr%2B9JJkemnPbvc4W2Royp8RNEZmaPYzgiq1t%2BGdZ3xccT9TfrPgDpmOaqhHX%2FwF5%2By%2F1UNGGLA5%2FWXYRUxZSh0pwGBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6e8cf5d4ebfa9b22-FRA

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
530 B 68ms
29ms XHR
application/json 54.36.109.47
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.47 , France, ASN16276 (OVH, FR),

Reverse DNS

p02.id5-sync.com

Software

Resource Hash

4d80f4ad99d20433bfc1ff8c21da23c301f8243012b1dfdce58551fdc7e15951

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://h1bdata.info
Date: Tue, 08 Mar 2022 16:31:16 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 66ms
21ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-49269421-1&cid=2114607163.1646757077&jid=300310774&gjid=1866523493&_gid=1533603181.1646757077&_u=YEBAAUAAAAAAAC~&z=363725782

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 08 Mar 2022 16:31:17 GMT
content-type: text/plain
access-control-allow-origin: https://h1bdata.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad.gif
api-35-87-102-183.b2c.com/s/ 43 B
380 B 17ms
16ms Image
image/gif 2606:4700:20::681a:623
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api-35-87-102-183.b2c.com/s/ad.gif
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:623 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:17 GMT
cf-cache-status: HIT
last-modified: Fri, 18 Feb 2022 18:21:27 GMT
server: cloudflare
age: 5600
etag: "620fe3a7-2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=33retvUjpUXNd36qZCMe%2BPxmk9PekCT0R48KY5OiaVNrItoX3N9Hqet1vzSmmPq6bq1yCjGpDD%2Fqg5tZBY2a3wTu5XOBbsgep1jiogF%2FQRznVNonXHB%2BSkqjEC4a1RgqlwUcvOb6QtEX1ALNlJyCdRG0y4mmUVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6e8cf5d57cfc9b22-FRA
content-length: 43

POST
H2 200 events Show response
prd-collector-anon.ex.co/main/ 0
134 B 305ms
99ms XHR
text/plain 18.235.17.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prd-collector-anon.ex.co/main/events
Requested by: Host: stream.playbuzz.com
URL: https://stream.playbuzz.com/embed/sdk.js?embedId=1148bd18-3384-4149-982c-654b348d7859
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.17.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-17-58.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://h1bdata.info
date: Tue, 08 Mar 2022 16:31:17 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin
content-type: text/plain; charset=utf-8

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
1 KB 43ms
17ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 14:46:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 16:31:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 16:31:17 GMT

GET
H/1.1

200
OK

4 Show response
v4-api-35-87-102-183.b2c.com/api/
Redirect Chain

https://api-35-87-102-183.b2c.com/api/x?Hk6SS6DhkAfJEs5N$dXJsJDAkaHR0cHM6Ly9oMWJkYXRhLmluZm8vIiwicmVmZXJyZXIkMCQiLCJhbmNlc3Rvck9yaWdpbnMkMCQiLCJ2aWRlbyQwJDE2MDB4MTIwMHgyNCIsImZyYW1lJDAkMCIsImhpZGRl...
https://v4-api-35-87-102-183.b2c.com:444/api/4?Hk6SS6DhkAfJEs5N

0
141 B

636ms
219ms

XHR
text/plain

35.87.102.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v4-api-35-87-102-183.b2c.com:444/api/4?Hk6SS6DhkAfJEs5N
Protocol: HTTP/1.1
Server: 35.87.102.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-87-102-183.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Transfer-Encoding: chunked
Access-Control-Allow-Methods: *

Redirect headers

date: Tue, 08 Mar 2022 16:31:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://v4-api-35-87-102-183.b2c.com:444/api/4?Hk6SS6DhkAfJEs5N
access-control-allow-methods: *
content-type: text/html
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLeIRtAgXvbMESe3WIyr2abOKX%2FUADvqapJI23ffiQtN8%2FppBiDaqyUM5Qdeot5Sd9I2X2qj8T4hS6nGCG28dEKpD6p0ty8leB%2FRa75php9tp2%2BOtOTBkUe62h%2BFUfMzbnWDlK8e5BZwD4nSaTaZO5WPSOj3zBw%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 6e8cf5d7298091d2-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 72ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=h1bdata.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 70ms
24ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=h1bdata.info

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 132 KB
34 KB 546ms
545ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1065889618997977&correlator=2131526162164319&eid=31065488%2C21064372%2C31060890&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&us_privacy=1---&sc=1&iu_parts=1254144%3A22569402415%2Ch1bdata_info-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&sfv=1-0-38&ecs=20220308&ists=1&fas=8&fsapi=false&prev_scp=ga%3D2497208%26tap%3Dh1bdata_info-pixel1-4025364702872820%26ezoic%3D1%26eb_br%3D57914c3716312cb7e954090f0717ea25%26ap%3D9999%26iid1%3D4025364702872820%26bra%3Dmod33&eri=1&cookie_enabled=1&abxe=1&dt=1646757077975&lmt=1646757077&dlt=1646757076510&idt=559&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&ucis=1&adks=498755207&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fh1bdata.info%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2114607163.1646757077&ga_sid=1646757078&ga_hid=1303368735&ga_fc=true&btvi=-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

0711fcf4339a2ea201c33e6718d427a401272a11a007d5fe85fcfe7f41c681a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34473
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://h1bdata.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 57ms
33ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

947502248d88ff30d697f659990008e719797f1d4b5bf31040a805cc83e66a61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10473
x-xss-protection: 0

GET
H2 200 container.html Show response
d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 45D3 6 KB
4 KB 88ms
28ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 08 Mar 2022 16:31:18 GMT
expires: Wed, 08 Mar 2023 16:31:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 18ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022030301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

6e35f715e86f44c81d6a3c141e2119fba3c702f850ba10d200711040a0529bc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 11:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 449415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13469
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Mar 2023 11:41:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 186ms
23ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Mar 2022 16:31:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB1E 13 KB
5 KB 25ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 15:28:27 GMT
expires: Wed, 08 Mar 2023 15:28:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 3771
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD81 783 B
1 KB 61ms
20ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dce67c196d06d3cd83d102fe47fe97884c3b895aa493f77a15071126566c0a80

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-inH/xbsdaXBTpRxBB8kTnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Mar 2022 16:31:18 GMT
date: Tue, 08 Mar 2022 16:31:18 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-inH/xbsdaXBTpRxBB8kTnQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame FB1E 35 KB
13 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 10:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 08 Mar 2023 10:58:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD81 0
0 56ms
56ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=1065889618997977&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FB1E 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pH71gA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E23 6 KB
3 KB 24ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Mar 2022 16:31:18 GMT
expires: Wed, 08 Mar 2023 16:31:18 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 greenoaks.gif Show response
h1bdata.info/detroitchicago/ 0
93 B 10ms
9ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJkZXZpY2Vfd2lkdGgiLCJ2YWwiOiIxNjAwIn0seyJuYW1lIjoiZGV2aWNlX2hlaWdodCIsInZhbCI6IjEyMDAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIyLTAzLTA4In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTYifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmE0YmZkZWMtNTc3Ny00MDJlLTdmNGItYzVmZDE2YzI5MjNiIiwiZG9tYWluX2lkIjoiNzMxNjAiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmE0YmZkZWMtNTc3Ny00MDJlLTdmNGItYzVmZDE2YzI5MjNiIiwiZG9tYWluX2lkIjoiNzMxNjAiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX1d
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:17 GMT

GET
H2 200 greenoaks.gif Show response
h1bdata.info/detroitchicago/ 0
42 B 11ms
10ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjExMSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiNjMwIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiI0MCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI0NTMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI0NzkifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiOTQ0In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmE0YmZkZWMtNTc3Ny00MDJlLTdmNGItYzVmZDE2YzI5MjNiIiwiZG9tYWluX2lkIjoiNzMxNjAiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIxMDU5In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYmE0YmZkZWMtNTc3Ny00MDJlLTdmNGItYzVmZDE2YzI5MjNiIiwiZG9tYWluX2lkIjoiNzMxNjAiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjEwNTkifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2Rvd25saW5rIiwidmFsIjoiOS4xIn1dfV0=
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:19 GMT

GET
H2 200 greenoaks.gif Show response
h1bdata.info/detroitchicago/ 0
42 B 10ms
10ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMjAxNiJ9XX1d
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:15 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4E23 4 KB
634 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:32:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 16:31:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 16:31:18 GMT

GET
H2 200 f0bb7a1f705d608239f854e986aba8ab.js Show response
www.gstatic.com/mysidia/ Frame 2C2B 9 KB
4 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f0bb7a1f705d608239f854e986aba8ab.js?tag=client_fast_engine_2019

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 10:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3745
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 10:14:15 GMT

GET
H2 200 20f6155da7ffe30d395dd79f4848ae07.js Show response
www.gstatic.com/mysidia/ Frame 2C2B 14 KB
6 KB 41ms
13ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/20f6155da7ffe30d395dd79f4848ae07.js?tag=pingback

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a6298684710d89b09764bac7eaf752f89b88eae6d4a4892484abb0c4b181b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 10:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 454538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5907
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 10:15:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2C2B 8 KB
892 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 15:37:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Mar 2022 16:31:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Mar 2022 16:31:18 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 2C2B 2 KB
904 B 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:28:54 GMT

GET
H2 200 d34df65fcafd90cc5429663efaa0dabf.js Show response
www.gstatic.com/mysidia/ Frame 2C2B 6 KB
2 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d34df65fcafd90cc5429663efaa0dabf.js?tag=analytics_pingback_2019

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595c8e1b1a02e786dc2842bf830ea10563de9c49058163de036b0c1c978ded66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 07:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 463022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2261
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 07:54:16 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/ Frame 2C2B 19 KB
8 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/abg_lite_fy2019.js

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:29:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:29:19 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 2C2B 2 KB
1 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/window_focus_fy2019.js

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:27:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:27:11 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2C2B 124 KB
39 KB 54ms
27ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38802
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646656195544221"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Mar 2022 16:31:18 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/ Frame 2C2B 15 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:28:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:28:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2C2B 0
0 39ms
15ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSchTS52NMSsUKNMnLB5dn01HMe0yUq9xVYu-uAQJJi1XqRcmDHAYKQZq1lLFs0IIvkuwMR4mmn8kcjyQ3WLajRzDVP5g
Requested by: Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 2C2B 28 KB
12 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 11:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:23:09 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/ Frame 4E23 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220303/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85cfe5e946591217984fb277d2731f49cfda54b67311941ab7ec48abb8a7135d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8372
x-xss-protection: 0
server: cafe
etag: 4013669502889648115
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 16:27:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E23 205 B
519 B 35ms
14ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 19:22:25 GMT
x-content-type-options: nosniff
age: 76133
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Mar 2023 19:22:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4E23 604 B
694 B 35ms
15ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 14:19:20 GMT
x-content-type-options: nosniff
age: 7918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Mar 2023 14:19:20 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2B 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgo6CAQqNmluZnJhX2NvbnRyb2xfMTBwLG15c2lkaWFfYW5hbHl0aWNzX2V4cDEsaG9saWRheV9lbW9qaQoNECshAAAAAAAAIEAwBAoNEAMhAAAAMDMzUEAwBBIaQ0s2eHJKWDR0dllDRlVZTDRBb2RSUzRFYkEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/20f6155da7ffe30d395dd79f4848ae07.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2B 0
20 B 42ms
42ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgo6CAQqNmluZnJhX2NvbnRyb2xfMTBwLG15c2lkaWFfYW5hbHl0aWNzX2V4cDEsaG9saWRheV9lbW9qaQoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQSGkNLNnhySlg0dHZZQ0ZVWUw0QW9kUlM0RWJBIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/20f6155da7ffe30d395dd79f4848ae07.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B84 143 B
163 B 22ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 08 Mar 2022 16:03:16 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 greenoaks.gif Show response
h1bdata.info/detroitchicago/ 0
42 B 10ms
10ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJkb21haW5faWQiOiI3MzE2MCIsInRfZXBvY2giOjE2NDY3NTcwNzUsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiMjEyNiJ9XX1d
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:18 GMT

GET
H2 200 army.gif Show response
h1bdata.info/porpoiseant/ 0
19 B 10ms
10ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDAyNTM2NDcwMjg3MjgyMCIsImRvbWFpbl9pZCI6IjczMTYwIiwidW5pdCI6ImgxYmRhdGFfaW5mby1waXhlbDEiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJhdWN0aW9uX2Vwb2NoIjoxNjQ2NzU3MDc5LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImJhNGJmZGVjLTU3NzctNDAyZS03ZjRiLWM1ZmQxNmMyOTIzYiIsImJpZF9mbG9vcl9pbml0aWFsIjpudWxsLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6bnVsbCwiYXVjdGlvbl9jb3VudCI6MSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NjY0LCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:18 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2B 0
20 B 43ms
42ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgo6CAQqNmluZnJhX2NvbnRyb2xfMTBwLG15c2lkaWFfYW5hbHl0aWNzX2V4cDEsaG9saWRheV9lbW9qaQoNECshAAAAAAAAKkAwBAoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAMAv0UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAAABgXkAwBBIaQ0s2eHJKWDR0dllDRlVZTDRBb2RSUzRFYkEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/20f6155da7ffe30d395dd79f4848ae07.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2C2B 0
20 B 46ms
46ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgocCAEqGGxhcmdlLWJhbm5lci1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgo6CAQqNmluZnJhX2NvbnRyb2xfMTBwLG15c2lkaWFfYW5hbHl0aWNzX2V4cDEsaG9saWRheV9lbW9qaQoNEBQhAAAAAMBS0kAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAHEAwBAoNEBghAAAAZGYmYUAwBBIaQ0s2eHJKWDR0dllDRlVZTDRBb2RSUzRFYkEiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/20f6155da7ffe30d395dd79f4848ae07.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9B84
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

76ms
76ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
URL: https://d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Mar 2022 16:31:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 08 Mar 2022 16:31:18 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Mar 2022 16:31:18 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
47ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=1065889618997977&bg=!3t2l3ZnNAAb7UztL-1M7ACkAdvg8WuxvA8Yh1LblSo6iQcxS-JvSwoVkI1DCK-tHx-N3pa1EciA8mAIAAABPUgAAAAFoAQcKAKkIPqKzjCyLsWebJLkUFfVlJbrxi8aiMzvZC8HJl4hVgULhqJpIkB6-dKaGbRxNmBYpEbOxNJX6ZtjE1R58mqNmpedCeBzb3LJQFcVpCJazuythOMP51GGXBEODZ1NVR0AvQBF6Zae6fMuUMm2IYO4JDkPIxb-f6EUZyQlXpVWMMdxgnASjRWScVegdr2UZ6aADTq11y5-Gwti6baRyZppspeefn3kWqAxzmQLAhofqqc8yaGGokLxtqIsbUW3Meo0C1ZMeXwUVko6Z-zBm56uled61UZ0dH_dPUiDquhQa030GslLvF8ul28Uy2CQzAuYqLATvPP5inFDEW_lAvbTOk3TkIou2DLH7Gd78Smh2akTtF2Xa4zWqRwg4kHkF2ijUYS7kSZNPZT4Ir4IhaPKvVaeFPd4J4FREycE9kPQld9x6GtBRGC7uWNMDiIRKx0FdeCHvkIWkMpRhSPLZ0nGbRFOFsZV5aunk0DLcVTUxHp0GeF0gJMBhMwH2r-XZzfykXg-RCw7dRr3wQQttKhMLLBez5kPRPTIGesZZi05T89x7cCa01y1bmX7xnGNe5WcnGYEygGHCLTASMie1TxSGEy6xHEn3nGOYCQLO1yt75oMeHbSQ5_hUeLl25Uuk9OrnWOiNa66oszrIrn8w_0Q3PGj5ICiyPvMHiXlog1Q8Cu3kDOoLYoS-qVv4zzPnCJ31Z42-8EweA8Cy4hSPly5duL0Bh8GadwFBzX7469_tLMgWHioWrYN1e6Feer2ZxAT_5hoTpvghQIK-WDMgpiK48TBsIUXmvJeDJBkcZ9ASVaMbKGGEQ_I1syA5vHovust7W6at_thqi3ptC8baxCsHzHu4A2uOpDmu5vGnfu9HjDGclPZ7K8pA7TIZjddDtclO-OL-SOYRa2HN8toPh2JDa2Rz3gMIM2Zr2YRmrNaWpSHVHg_JVVdHmqwwfHW5z6jxHSWqm9DjLBI5Akdq1uc8j5jM7hGk4bEic59r0V6nyH9JPjnuW9x1UM2Jf1VnmLryfHuw2X5oLHq2exh6RXY0vLj9kEaquqP-pliaiFhnxekc-9OQR1xSHj-HqfWtVBVDXeWpjjiGFE1D5Wblr-GEOCLCgrPNb_9jfkBbA0plt-BUGlqhs44DKtVz8l6jnLsPXz_2uwfxfEM03aU

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
h1bdata.info/porpoiseant/ 0
65 B 10ms
10ms XHR
text/plain 3.66.136.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://h1bdata.info/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAyNTM2NDcwMjg3MjgyMCIsImRvbWFpbl9pZCI6IjczMTYwIiwidW5pdCI6ImgxYmRhdGFfaW5mby1waXhlbDEiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAyNTM2NDcwMjg3MjgyMCIsImRvbWFpbl9pZCI6IjczMTYwIiwidW5pdCI6ImgxYmRhdGFfaW5mby1waXhlbDEiLCJ0X2Vwb2NoIjoxNjQ2NzU3MDc1LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJiYTRiZmRlYy01Nzc3LTQwMmUtN2Y0Yi1jNWZkMTZjMjkyM2IiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMjUzNjQ3MDI4NzI4MjAiLCJkb21haW5faWQiOiI3MzE2MCIsInVuaXQiOiJoMWJkYXRhX2luZm8tcGl4ZWwxIiwidF9lcG9jaCI6MTY0Njc1NzA3NSwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYmE0YmZkZWMtNTc3Ny00MDJlLTdmNGItYzVmZDE2YzI5MjNiIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: h1bdata.info
URL: https://h1bdata.info/detroitchicago/cmbv2.js?gcb=195-3&cb=04-1y02-5y06-12y07-1y19-5y0b-5y0d-14y13-3y17-4y1c-2y21-3y58-21&cmbcb=21&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x58&abt=VideoAutoskip
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.66.136.156 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-136-156.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 16:31:20 GMT
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Mon, 07 Mar 2022 16:31:20 GMT

POST
H2 200 cookie_sync Show response
pb-server.ezoic.com/ 1 KB
2 KB 43ms
8ms XHR
application/json 18.158.52.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/cookie_sync
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.52.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-52-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e1ac5013455cdd0d45e3901b88e11e8d7df1ee85d1a7741c8ab66be39ce83b9f

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:21 GMT
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://h1bdata.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1337
expires: 0

POST
H2 200 auction Show response
pb-server.ezoic.com/openrtb2/ 480 B
686 B 358ms
324ms XHR
application/json 18.158.52.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-server.ezoic.com/openrtb2/auction
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.52.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-52-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f806f5e379606a7f99bbdfec7c05cae0a9237fff15a0bb07c355a2b1dd8faa12

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:21 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://h1bdata.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 480
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 32 KB
10 KB 831ms
798ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

58b0ec8563266f3b2c05ab0516a4d74b6a3a45372ef510f74ebd1d57d188c8e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Mar 2022 16:31:22 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4ce30b07-466a-424d-9b05-472b8089e4f4
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 10 KB
2 KB 443ms
359ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 96d72e7dc19d9d6a1ac15deb667adbe967b73d52f29e153e3a23e0ec6e6858a0

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 08 Mar 2022 16:31:21 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://h1bdata.info
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 1604

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
499 B 164ms
140ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://h1bdata.info
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 536 B
884 B 404ms
363ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fh1bdata.info%2F&CanonicalUrl=https%3A%2F%2Fh1bdata.info%2F&PublisherDomain=https%3A%2F%2Fh1bdata.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

41ef11ddc074c8cb04e988ac4a594c6ba2c7c875faefc8bfd52ed450771d9157

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:21 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://h1bdata.info
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 346
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 536
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 470 B
1 KB 44ms
14ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

66419deaadeb387dc9a916ef3ea13cfd993cba57479abe9aade9f709843a0c45

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
X-Proxy-Origin: 138.199.38.133; 138.199.38.133; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: da9a18b6-2493-468f-8505-1ba332a5dff8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 470
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 204ms
103ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&alt_size_ids=55&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,24936462fe159d34afad130c55521905,1,,,&rf=https%3A%2F%2Fh1bdata.info%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=edcab308-cd04-4f3f-a2e0-3d562af3dec6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6761708862003803
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 440df738827c58d35685bfe3dca750a2c3c8a66395afac8cc3931605f9e1dcab

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2369
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 191ms
88ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=57&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,24936462fe159d34afad130c55521905,1,,,&rf=https%3A%2F%2Fh1bdata.info%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=bac79071-66d9-46fe-8ada-f206240a8ade&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.29381615867152333
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 555ba518dfe7aa05f44b8c92d7e4e8f06525df412901ba6057f1b196bf3fb391

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 187ms
84ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=9&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,24936462fe159d34afad130c55521905,1,,,&rf=https%3A%2F%2Fh1bdata.info%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=390ffdf2-85ea-4f4c-b2fc-4dbfeeb35f76&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6649830695571928
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ad778ac63610726319b4363e75e95552550c176f3b5934f32c1c16416bb95ec2

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2340
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 253ms
150ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&alt_size_ids=55%2C57&us_privacy=1---&rp_schain=1.0,1!ezoic.ai,24936462fe159d34afad130c55521905,1,,,&rf=https%3A%2F%2Fh1bdata.info%2F&tk_flint=pbjs_lite_v6.0.0&x_source.tid=601ed4b8-d305-494e-86bd-25c7c70f2b32&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3716840437500819
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 08585358c95c37e2328f3ed85bbeff5c45e0afcf712230368a7568401bff6df1

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://h1bdata.info
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2365
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid-request Show response
rtb.adpone.com/ 769 B
721 B 73ms
44ms XHR
application/json 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121102492022538
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45619f320dd2e3c153cf3d1c3d1e057ad075e8a7246f6749d8757aaa763b2e0f

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpcT5FudJLgAxwtKswIzVn5xV2BPPbJSs0MKl8VoZ2e%2BIp9aamSsy23SQ0lT0scoSuzk4K%2FWRSvzbgbaqoKWGnRZmGdE%2B%2FrjjbqLAUiDxgx007w%2BieGbemhBmj%2Fy5bPnQhnok%2BkyXtkDcLpc"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00e399182-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 771 B
985 B 70ms
41ms XHR
application/json 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121102492016235
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0efa92704fb52012bcbe6dabbaf00eeaa9dfa68059eddb49794f961caf4687d1

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pGmodM9B9JpBoOAKHpdNvpGlyKwAqYINheBtlCDH8MP%2BGcywRBoxsylP6UrEGlMUTFLBeYzsPwQEHtCGmql9QqWLvboB7FrRM5nXbHeryCRHaVDXiIYa9yCVXW3XLyMPKYl3FKWtpfYFm8R"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00e3b9182-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 771 B
714 B 72ms
43ms XHR
application/json 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121102492026770
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb37476a58385ca0465b140d2aa200e889d1949c4d820ecb4b75973369d2e147

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXesHL0djhmQc5a%2FJwpsqYPdA0L%2FjqXdd9I0YG6Crd%2FJWE2H8WwNvt4K9RLBQNz203ZahwaKzemipnjU5HzmdBc2hTaUlcMLdF7Iv9FPh51R%2FE3l440s%2BZ1nBnclEKEANXSwCm%2Fv7FqhxGRp"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00e3e9182-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 771 B
726 B 71ms
42ms XHR
application/json 2606:4700:20::681a:a19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121102492016235
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d34926d1c59ee259991f97a0491c6a4c291c576a93014b5d0336b8a88d26a6

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T7SLFd7kEzMjSo7s5yPeNbDrrRBpXAC9Jyula%2Bqt2APs%2BR%2FAvr1OwmqEwu0%2BIrm1PNO8KvegQgRoEwItVR9MPEl1ziQDcMx%2F5RK0gfzBCmPe5SfNk8%2BbWPFLYeZO8zcXL%2F1u7UnAaIEGjlZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00e409182-FRA

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
309 B 76ms
41ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.0.0&cb=91424393674

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:20 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 204 mvo Show response
tag.1rx.io/rmp/215626/0/ 0
168 B 75ms
44ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=6,2.1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://h1bdata.info
pragma: no-cache
date: Tue, 08 Mar 2022 16:31:21 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 73ms
54ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00a8e9a3f-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
77 B 73ms
54ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00a939a3f-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
76 B 72ms
53ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00a979a3f-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H2 200 / Show response
prebid.smilewanted.com/ 0
434 B 71ms
53ms XHR
application/json 104.22.68.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.smilewanted.com/
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://h1bdata.info/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 08 Mar 2022 16:31:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://h1bdata.info
access-control-allow-credentials: true
cf-ray: 6e8cf5f00a999a3f-FRA
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=1---&C=1
https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YieE2bWLwbcHQO80qJCeUwAA%261180

86 B
451 B

8ms
8ms

Image
image/png

18.158.52.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YieE2bWLwbcHQO80qJCeUwAA%261180
Protocol: H2
Server: 18.158.52.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-52-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 08 Mar 2022 16:31:21 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://pb-server.ezoic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=YieE2bWLwbcHQO80qJCeUwAA%261180
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 304
Expires: Tue, 08 Mar 2022 16:31:21 GMT

GET
H2

200

setuid
pb-server.ezoic.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=1---&cb=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=7af0e35b-c161-4f04-bd93-8df88561d524&us_privacy=1---

86 B
557 B

8ms
8ms

Image
image/png

18.158.52.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=7af0e35b-c161-4f04-bd93-8df88561d524&us_privacy=1---
Protocol: H2
Server: 18.158.52.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-52-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Mar 2022 16:31:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/png
content-length: 86
vary: Origin
expires: 0

Redirect headers

location: https://pb-server.ezoic.com/setuid?bidder=amx&gdpr=&gdpr_consent=&f=i&uid=7af0e35b-c161-4f04-bd93-8df88561d524&us_privacy=1---
date: Tue, 08 Mar 2022 16:31:22 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2 204 d
ic.tynt.com/r/ Frame 6E9F 0
0 415ms
104ms Document
text/plain 67.202.105.31

General

Check archive.org

Show headers Download Go to

Full URL: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=1---&ru=https%3A%2F%2Fpb-server.ezoic.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=33across,adpone,adtelligent,adyoulike,amx,appnexus,criteo,ix,oftmedia,onemobile,onetag,pubmatic,rhythmone,rubicon,smilewanted,sovrn&cb=195-3-35
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://h1bdata.info/

Response headers

server: nginx/1.16.1
date: Tue, 08 Mar 2022 16:31:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Verdicts & Comments Add Verdict or Comment

247 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.h1bdata.info/	1970-01-20 01:25:58	Name: ezoadgid_73160 Value: -1
.h1bdata.info/	1970-01-20 01:26:04	Name: ezoref_73160 Value:
.h1bdata.info/	1970-01-20 01:26:04	Name: ezoab_73160 Value: mod33
.h1bdata.info/	1970-01-20 01:25:58	Name: ezopvc_73160 Value: 1
.h1bdata.info/	1970-01-20 01:27:23	Name: ezepvv Value: 276
.h1bdata.info/	1970-01-20 01:25:58	Name: ezovid_73160 Value: 1137001909
.h1bdata.info/	1970-01-20 01:25:58	Name: lp_73160 Value: https://h1bdata.info/
.h1bdata.info/	1970-01-20 01:28:49	Name: ezovuuidtime_73160 Value: 1646757076
.h1bdata.info/	1970-01-20 01:25:58	Name: ezovuuid_73160 Value: f46d5367-51be-4f38-6c2d-8f59866ee886
.h1bdata.info/	1970-01-20 10:11:33	Name: ezCMPCCS Value: false
h1bdata.info/	1970-01-22 14:45:09	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
h1bdata.info/	1970-01-22 14:45:09	Name: ezohw Value: w%3D1600%2Ch%3D1200
.h1bdata.info/	1970-01-20 10:11:33	Name: ezosuibasgeneris-1 Value: 3396a540-00e1-40f2-7c1f-6b330e2a2180
.h1bdata.info/	1970-01-20 01:28:49	Name: active_template::73160 Value: pub_site.1646757076
h1bdata.info/	1969-12-31 23:59:59	Name: ezouspvv Value: 0
.h1bdata.info/	1970-01-20 18:57:09	Name: _ga Value: GA1.2.2114607163.1646757077
.h1bdata.info/	1970-01-20 01:27:23	Name: _gid Value: GA1.2.1533603181.1646757077
.h1bdata.info/	1970-01-20 01:25:57	Name: _gat_gtag_UA_49269421_1 Value: 1
h1bdata.info/	1970-01-20 02:09:09	Name: exco-uid Value: 73a0vvnlwio1e93s
.h1bdata.info/	1970-01-20 10:47:33	Name: __gads Value: ID=ccd27f4c0f8f1a80-22d9997257cd0072:T=1646757077:S=ALNI_MY9QmVLbmO1yXnFrZek8k2LDdd06A
h1bdata.info/	1969-12-31 23:59:59	Name: ezouspva Value: 1
.doubleclick.net/	1970-01-20 01:26:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 10:47:33	Name: IDE Value: AHWqTUnJ5sW5y6wA871sZsXHFnYTxCZuVGKDi_GgDxFmpvAXq9fxf_yDAG7lYTZ7
h1bdata.info/	1970-01-20 02:09:09	Name: _pbjs_userid_consent_data Value: 3524755945110770
.onetag-sys.com/	1970-01-20 18:57:09	Name: OTP Value: JAEll1roPIygg_dPLjZX0eWO2XU_2YtLTyRZxZpJUds
.rubiconproject.com/	1970-01-20 10:11:33	Name: khaos Value: L0ICNCD9-24-1X9C
.rubiconproject.com/	1970-01-20 10:11:33	Name: audit Value: 1\|naVuGyos1qpMraabAaaPRnjc0/aJelRdbjRFtGIHH0s/v2L5sO5vr1Pdq13N5zohO7boKTkp0TQn2bWx5tI5qRcCEW/sqkN2G7JtXJVTTK0=
.casalemedia.com/	1970-01-20 10:11:33	Name: CMID Value: YieE2bWLwbcHQO80qJCeUwAA
.casalemedia.com/	1970-01-20 03:35:33	Name: CMPS Value: 3240
.casalemedia.com/	1970-01-20 03:35:33	Name: CMPRO Value: 1180
.casalemedia.com/	1970-01-20 01:27:23	Name: CMST Value: YieE2WInhNkA
pb-server.ezoic.com/	1970-01-20 03:35:33	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJZaWVFMmJXTHdiY0hRTzgwcUpDZVV3QUFcdTAwMjYxMTgwIiwiZXhwaXJlcyI6IjIwMjItMDMtMjJUMTY6MzE6MjEuOTgzNjYyNDI5WiJ9fSwiYmRheSI6IjIwMjItMDMtMDhUMTY6MzE6MjEuOTgzNjU4MTM5WiJ9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
api-35-87-102-183.b2c.com
api.fouanalytics.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.id5-sync.com
code.jquery.com
d1bbacfb6cb5bc141fcd7c3279aeeb3c.safeframe.googlesyndication.com
ezodn.com
fastlane.rubiconproject.com
fonts.googleapis.com
g.ezodn.com
ghb.adtelligent.com
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
h1bdata.info
hb-api.omnitagjs.com
ib.adnxs.com
ic.tynt.com
id5-sync.com
netdna.bootstrapcdn.com
onetag-sys.com
pagead2.googlesyndication.com
pb-server.ezoic.com
prd-collector-anon.ex.co
prebid.a-mo.net
prebid.smilewanted.com
rtb.adpone.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
stats.g.doubleclick.net
stream.playbuzz.com
tag.1rx.io
tpc.googlesyndication.com
v4-api-35-87-102-183.b2c.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.22.68.131
142.250.181.226
147.75.38.124
151.101.130.137
178.250.2.131
18.158.52.79
18.235.17.58
185.255.84.150
185.33.221.52
2001:4de0:ac18::1:a:1b
213.19.147.42
2600:9000:2490:400:2:cb38:840:93a1
2602:803:c003:200::21
2606:4700:20::681a:623
2606:4700:20::681a:a19
2606:4700:3033::6815:3a2a
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9b
2a06:98c1:3120::7
2a06:98c1:3121::7
2a0c:5c81:5142::2
3.66.136.156
35.87.102.183
46.105.202.126
51.89.9.254
52.222.210.175
54.36.109.47
67.202.105.31
92.122.147.230
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0711fcf4339a2ea201c33e6718d427a401272a11a007d5fe85fcfe7f41c681a4
08585358c95c37e2328f3ed85bbeff5c45e0afcf712230368a7568401bff6df1
0b18baac866394353dadec33df2bcdac3666acb215e4319fd472024e4213036f
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0dddfdcef973923c7b6cbd4534237ab3dcdc76a8aa3d6d03619566261e0b3e63
0efa92704fb52012bcbe6dabbaf00eeaa9dfa68059eddb49794f961caf4687d1
17c4f48393a9823060eacb643b1d084489813cdaa0d39e16fc1e1582fb4a7ea2
17d34926d1c59ee259991f97a0491c6a4c291c576a93014b5d0336b8a88d26a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
41ef11ddc074c8cb04e988ac4a594c6ba2c7c875faefc8bfd52ed450771d9157
440df738827c58d35685bfe3dca750a2c3c8a66395afac8cc3931605f9e1dcab
45619f320dd2e3c153cf3d1c3d1e057ad075e8a7246f6749d8757aaa763b2e0f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d80f4ad99d20433bfc1ff8c21da23c301f8243012b1dfdce58551fdc7e15951
555ba518dfe7aa05f44b8c92d7e4e8f06525df412901ba6057f1b196bf3fb391
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56829f1e573332420e722f269796ff684fbaf25ca63630f98f44b47e185357db
58b0ec8563266f3b2c05ab0516a4d74b6a3a45372ef510f74ebd1d57d188c8e5
595c8e1b1a02e786dc2842bf830ea10563de9c49058163de036b0c1c978ded66
5ae3b175d09861f981f398662a0789b1cdd24750d6b44b2423db6d45da9402bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66419deaadeb387dc9a916ef3ea13cfd993cba57479abe9aade9f709843a0c45
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf16d997e2120016fb96c45df09b0a91e6f326d3b6b5f2c0fa854a881c029fe
6d5dba68ad6a4387aec524a5a83e8c8c3c0b6328ef2aa64a1ed3a4a0f5099685
6e35f715e86f44c81d6a3c141e2119fba3c702f850ba10d200711040a0529bc0
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
85cfe5e946591217984fb277d2731f49cfda54b67311941ab7ec48abb8a7135d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
947502248d88ff30d697f659990008e719797f1d4b5bf31040a805cc83e66a61
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
96d72e7dc19d9d6a1ac15deb667adbe967b73d52f29e153e3a23e0ec6e6858a0
9848e2e6c0238a66aaf94a28d5a0fd5962f48928632c67426ac1eff330979e2b
99001d2d16c2c7e3831486d8f962a50e08c4c5cce15826d8c69e985fe282faea
9a6298684710d89b09764bac7eaf752f89b88eae6d4a4892484abb0c4b181b53
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89057208861e739c4ea6ea2e1126afd5b41c89f22548e5afeb74b7c71614777
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad778ac63610726319b4363e75e95552550c176f3b5934f32c1c16416bb95ec2
bb37476a58385ca0465b140d2aa200e889d1949c4d820ecb4b75973369d2e147
bf90bbad4c5cc2fab4b27352c6f7652903bb818b552b68a8b0f244bfaefa99aa
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c5ca0a7a38656445f5bc5d37ad32ff89f0c5fd9b2f92ba604e698110787792ab
c62e1b5544348f430d3a64160c79d5b353d76f2205644cc388fcadd4822610fc
cbbd5676d9c7345483787d39fb83cb6880b4ee7d114e53f5b3df9b217af5f72b
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d1e66f78d4c959e31c042bd0bec4f3f209e2e674a23d36e176f1a7a2696373d4
d55a162ebc22d9db98873e0ecf0c76c634df66a6045ea1cab8a4d0b77c607985
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
dce67c196d06d3cd83d102fe47fe97884c3b895aa493f77a15071126566c0a80
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd4320cdfa0077bbe8f1a4e0e77a65c6253cfae2fc282ce7a6ab8e78a330b143
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e07d90580efbfe7793abf82ae4f343bf9e10d0e2986ebc9be5a6fc63f20fcb41
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e1ac5013455cdd0d45e3901b88e11e8d7df1ee85d1a7741c8ab66be39ce83b9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4adb3837e4411342aa9b52dafd1646c32196b17c56c5420b77b9abebebe0f4d
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
f1a868c3460caaa4a3fdc36e61f60355e0083c1d54b49406300ab0deb934a4cc
f39eda7c628f3c7967290aec8514942939c31bc7999b1dcb6928a55e0fcbeae8
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3
f602ac509ba145313a51553a3842a3a7472b0d6da9a249543c8d4ed85d1f64d8
f806f5e379606a7f99bbdfec7c05cae0a9237fff15a0bb07c355a2b1dd8faa12
ffb648200f12e9e83c7a7d94892271c74f23b39d6f77b9df5e21c96166a41ecb

h1bdata.info Open in urlscan Pro 3.66.136.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

97 %HTTPS

55 %IPv6

33 Domains

42 Subdomains

38 IPs

8 Countries

1212 kBTransfer

3941 kBSize

32 Cookies

6 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

h1bdata.info Open in urlscan Pro
3.66.136.156 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

97 %
HTTPS

55 %
IPv6

33
Domains

42
Subdomains

38
IPs

8
Countries

1212 kB
Transfer

3941 kB
Size

32
Cookies

107 HTTP transactions
0 data transactions