kirb.me Open in urlscan Pro
2606:4700:3034::ac43:805f  Public Scan

20 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response kirb.me/	65 KB 41 KB	127ms 121ms	Document text/html	2606:4700:3034::ac43:805f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://kirb.me/ Protocol HTTP/1.1 Server 2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 80b07d7dc6ada957dded43abd225fe92d3f1c525b8ee72a26082bb589d715af0 Request headers Host kirb.me Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 25 Jun 2020 09:55:58 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Set-Cookie __cfduid=d3f0da665ed98ae0983792ca49991f3021593078957; expires=Sat, 25-Jul-20 09:55:57 GMT; path=/; domain=.kirb.me; HttpOnly; SameSite=Lax Vary Accept-Encoding X-Mod-Pagespeed 🚀 Cache-Control max-age=0, no-cache, s-maxage=10 CF-Cache-Status DYNAMIC cf-request-id 038c80df42000097de9b9c7200000001 Server cloudflare CF-RAY 5a8dd0ded81797de-FRA Content-Encoding gzip
GET H/1.1	200 OK	A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css kirb.me/assets/	8 KB 3 KB	20ms 15ms	Stylesheet text/css	2606:4700:3034::ac43:805f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css Requested by Host: kirb.me URL: http://kirb.me/ Protocol HTTP/1.1 Server 2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b21fdab1c88617b3cbbc63c2e5c51231d69afd8cd1c6834c13fbc6fc37758b8f Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 25 Jun 2020 09:55:58 GMT Content-Encoding gzip CF-Cache-Status HIT X-Original-Content-Length 11136 Age 111 X-Mod-Pagespeed 🚀 Connection keep-alive Content-Length 2699 cf-request-id 038c80dfc70000d6e90b167200000001 Last-Modified Thu, 18 Jun 2020 08:18:27 GMT Server cloudflare Etag W/"0" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Cache-Control max-age=31536000 Accept-Ranges bytes CF-RAY 5a8dd0dfa86bd6e9-FRA Expires Fri, 18 Jun 2021 08:18:27 GMT
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	112 KB 40 KB	29ms 23ms	Script text/javascript	2a00:1450:4001:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: kirb.me URL: http://kirb.me/ Protocol HTTP/1.1 Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 55a4f3a12720691362f2e3f896de05edbcfbf0a1f23c4a4f10d9796628b6d502 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Timing-Allow-Origin * Date Thu, 25 Jun 2020 09:55:58 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 2584804608310430719 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 40926 X-XSS-Protection 0 Expires Thu, 25 Jun 2020 09:55:58 GMT
GET H/1.1	200 OK	1.JiBnMqyl6S.gif kirb.me/pagespeed_static/	53 B 466 B	34ms 33ms	Image image/gif	2606:4700:3034::ac43:805f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://kirb.me/pagespeed_static/1.JiBnMqyl6S.gif Requested by Host: kirb.me URL: http://kirb.me/ Protocol HTTP/1.1 Server 2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 25 Jun 2020 09:55:58 GMT X-Content-Type-Options nosniff CF-Cache-Status HIT Last-Modified Sat, 20 Jun 2020 16:23:56 GMT Server cloudflare Age 110 Vary Accept-Encoding Content-Type image/gif Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes CF-RAY 5a8dd0dfc8bf97de-FRA Content-Length 53 cf-request-id 038c80dfdc000097de9b9c9200000001
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3f58b60e01dfb4f206ea1cd2cd342894b02f7b9fe76fa9fbd3fecfbfb38e8537 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cca23729be2f6007a934b34196e37c7732999379fcdbb4f2a390c3238734cd76 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	396 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bcf661941f8912ab6dec69c02edce47de26b3141081a5b80344005d2e8bedc08 Request headers Referer http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	fsex.woff2 kirb.me/assets/css/	5 KB 5 KB	114ms 114ms	Font application/octet-stream	2606:4700:3034::ac43:805f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://kirb.me/assets/css/fsex.woff2 Requested by Host: kirb.me URL: http://kirb.me/ Protocol HTTP/1.1 Server 2606:4700:3034::ac43:805f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea93080c4272a7771076d7020e31f47616a54900ebbc632e8a8341e339aec9f1 Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css Origin http://kirb.me Response headers Date Thu, 25 Jun 2020 09:55:58 GMT CF-Cache-Status REVALIDATED Last-Modified Sat, 02 Jun 2018 13:05:04 GMT Server cloudflare ETag "1368-56da85959ae03" Vary Accept-Encoding Cache-Control max-age=14400 X-Mod-Pagespeed 🚀 Connection keep-alive Accept-Ranges bytes CF-RAY 5a8dd0dfd8dfd6e9-FRA Content-Length 4968 cf-request-id 038c80dfe20000d6e90b168200000001 Expires Thu, 25 Jun 2020 09:55:58 GMT
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f703b132e16c1971468077d7fb03708bab915a33e1a760493dbf5ad62332eca8 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	248 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ddeaaa36773958fa96e00857eef6128f25ec86370947b3f08b6a63f60fffba5 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	112 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 25f0b52ed00c6c053ca518c5794fb8b811e7cc17db5a29544be30232bf5f38a2 Request headers Referer http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	130 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a58b17e2fddb70d1fb0c9cc60ec98a34d60e3b26a6c7564e8d41d66dbdd618ad Request headers Referer http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	116 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 59942ef2e45d1c0f767dc63ec2137299c724a6431fce08f358c7f0bce9ffa8e4 Request headers Referer http://kirb.me/assets/A.home-b69206e3858e006aac31b5b6e5d348a395607a16a189c71d26b96adf12e095b7.css.pagespeed.cf.brx_PZtvVz.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	integrator.js Show response adservice.google.de/adsid/	109 B 317 B	15ms 14ms	Script application/javascript	2a00:1450:4001:815::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=kirb.me Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	109 B 169 B	14ms 14ms	Script application/javascript	2a00:1450:4001:815::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=kirb.me Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 104 x-xss-protection 0
GET H2	200	show_ads_impl_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/	217 KB 83 KB	48ms 27ms	Script text/javascript	2a00:1450:4001:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/show_ads_impl_fy2019.js Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 08b316f7524dcf8283f8ba5bcc99a08b53281609128dc9707c0dcf6318e3bf61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 83903 x-xss-protection 0 server cafe etag 15558646528098068789 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Thu, 25 Jun 2020 09:55:58 GMT
GET H2	200	zrt_lookup.html googleads.g.doubleclick.net/pagead/html/r20200622/r20190131/ Frame 8302	0 0	6ms 6ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20200622/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20200622/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://kirb.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://kirb.me/ Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * vary Accept-Encoding date Mon, 22 Jun 2020 18:17:21 GMT expires Mon, 06 Jul 2020 18:17:21 GMT content-type text/html; charset=UTF-8 etag 4448614309292777386 x-content-type-options nosniff content-encoding gzip server cafe content-length 4502 x-xss-protection 0 cache-control public, max-age=1209600 age 229117 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
GET H2	200	ads googleads.g.doubleclick.net/pagead/ Frame F2D8	0 0	23ms 22ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4590537067273622&output=html&adk=1812271804&adf=3025194257&lmt=1593078958&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fkirb.me%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593078958108&bpp=11&bdt=95&idt=84&shv=r20200622&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2042472679435&frm=20&pv=2&ga_vid=272030108.1593078958&ga_sid=1593078958&ga_hid=314219877&ga_fc=0&iag=0&icsg=170&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066167%2C21066485&oid=3&pvsid=320336405206116&pem=83&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=100 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4590537067273622&output=html&adk=1812271804&adf=3025194257&lmt=1593078958&plat=1%3A32776%2C2%3A32776%2C8%3A32768%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fkirb.me%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1593078958108&bpp=11&bdt=95&idt=84&shv=r20200622&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2042472679435&frm=20&pv=2&ga_vid=272030108.1593078958&ga_sid=1593078958&ga_hid=314219877&ga_fc=0&iag=0&icsg=170&dssz=9&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066167%2C21066485&oid=3&pvsid=320336405206116&pem=83&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8208&bc=23&ifi=0&uci=a!0&fsb=1&dtd=100 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://kirb.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://kirb.me/ Response headers status 200 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Thu, 25 Jun 2020 09:55:58 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Thu, 25-Jun-2020 10:10:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" expires Thu, 25 Jun 2020 09:55:58 GMT cache-control private
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/	73 KB 27 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1592825540321031" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 27927 x-xss-protection 0 expires Thu, 25 Jun 2020 09:55:58 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	7 KB 6 KB	40ms 21ms	XHR application/json	2a00:1450:4001:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200622&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 28927d5aee8bdfcf1c83a4923824269040154720801aad90dc51558b9ea216ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers timing-allow-origin * date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff server cafe status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 5714 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	14 KB 6 KB	34ms 14ms	Script text/javascript	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/r20200622/r20190131/show_ads_impl_fy2019.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 25 Jun 2020 09:55:58 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1591403518460474" vary Accept-Encoding content-type text/javascript status 200 cache-control private, max-age=3000 accept-ranges bytes alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5540 x-xss-protection 0 expires Thu, 25 Jun 2020 09:55:58 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/210/ Frame FC2A	0 0	6ms 6ms	Document text/html	2a00:1450:4001:802::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/210/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://kirb.me/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer http://kirb.me/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html content-length 4590 date Thu, 25 Jun 2020 09:39:43 GMT expires Fri, 25 Jun 2021 09:39:43 GMT last-modified Wed, 26 Feb 2020 19:47:50 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 975 alt-svc h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	204	gen_204 pagead2.googlesyndication.com/pagead/	0 121 B	14ms 13ms	Image image/gif	2a00:1450:4001:818::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200622&jk=320336405206116&bg=!DA-lDxdYP0OlZ-FkXBECAAAAPlIAAAALmQF3yYWhzHDU4K9RrWYDmBOkx0sMWH1jrGhyJs4AOquGs11mEkvj9PnlYTZcoofW0B9yRENO98Ue_cVA5OCO_eIMUTAXZFoI7ZC8ChDNDT5SBtci65fAufqA1awIszdcUMVLpWTUTE1at_LOhwGTd7wLKj4kpZyC0iqiL2KldgUv9gUpdvrsSxNEolOpS017UrYb0WaLF0H6tGp7iT4Gpz2lEv--TjhsndSxaIy4vMq4_uA5Vm0sAPtKL6hgmONghp-fW7vQtR8uD0EBqX_5pzGmpCEt7SdVBKCw5IjxS5q8aPcuv4VpdaLPOE8jf865aAl6_sS8kyKTD-RW16t_gqJbL0D3CPM1gn4qpI2PgthiL3x5ynb39u3gzQmCjVPk6KfRLDBRyoT0360Ofe6eBJYXtzwUXPFjfjHt4k15LdelM3mTVpXRP0xgYrL7vy6zV8Yq9okxbaKfCRFeewEFae7SPmTgSfuP_MowPSdNKJ--C42VwxU6bffA Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://kirb.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Thu, 25 Jun 2020 09:55:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 204 cache-control no-cache, must-revalidate content-type image/gif alt-svc h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| adsbygoogle object| pagespeed object| currentDragging object| dialogs object| zOrder object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map object| google_t12n_vars function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 10:31:19	Name: test_cookie Value: CheckForPermission
			.kirb.me/	1970-01-19 11:14:30	Name: __cfduid Value: d3f0da665ed98ae0983792ca49991f3021593078957

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
googleads.g.doubleclick.net
kirb.me
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
2606:4700:3034::ac43:805f
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:815::2002
2a00:1450:4001:818::2002
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08b316f7524dcf8283f8ba5bcc99a08b53281609128dc9707c0dcf6318e3bf61
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a
25f0b52ed00c6c053ca518c5794fb8b811e7cc17db5a29544be30232bf5f38a2
28927d5aee8bdfcf1c83a4923824269040154720801aad90dc51558b9ea216ba
367f33e9ced368d6a39b863431212bf952a37233ad2558978da44cad20d68012
3f58b60e01dfb4f206ea1cd2cd342894b02f7b9fe76fa9fbd3fecfbfb38e8537
55a4f3a12720691362f2e3f896de05edbcfbf0a1f23c4a4f10d9796628b6d502
59942ef2e45d1c0f767dc63ec2137299c724a6431fce08f358c7f0bce9ffa8e4
80b07d7dc6ada957dded43abd225fe92d3f1c525b8ee72a26082bb589d715af0
8ddeaaa36773958fa96e00857eef6128f25ec86370947b3f08b6a63f60fffba5
a58b17e2fddb70d1fb0c9cc60ec98a34d60e3b26a6c7564e8d41d66dbdd618ad
b21fdab1c88617b3cbbc63c2e5c51231d69afd8cd1c6834c13fbc6fc37758b8f
bcf661941f8912ab6dec69c02edce47de26b3141081a5b80344005d2e8bedc08
cca23729be2f6007a934b34196e37c7732999379fcdbb4f2a390c3238734cd76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea93080c4272a7771076d7020e31f47616a54900ebbc632e8a8341e339aec9f1
f703b132e16c1971468077d7fb03708bab915a33e1a760493dbf5ad62332eca8