urlscan.io logo urlscan.io
SecurityTrails logo

ibyt.in Open in urlscan Pro
2606:4700:3032::ac43:8ad7  Public Scan

Go To Rescan Add Verdict Report
URL: https://ibyt.in/
Submission: On November 26 via api from DO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 10 countries across 48 domains to perform 208 HTTP transactions. The main IP is 2606:4700:3032::ac43:8ad7, located in United States and belongs to CLOUDFLARENET, US. The main domain is ibyt.in.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2022. Valid for: a year.
This is the only time ibyt.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 10 2a02:2638:1::13 44788 (ASN-CRITE...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
7 178.250.0.157 44788 (ASN-CRITE...)
3 162.19.138.82 16276 (OVH)
2 2 96.16.141.156 16625 (AKAMAI-AS)
4 23.205.235.133 16625 (AKAMAI-AS)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
1 18.185.169.183 16509 (AMAZON-02)
1 147.75.85.234 54825 (PACKET)
2 185.184.8.90 204995 (RTB-HOUSE...)
5 172.64.154.237 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 34.98.64.218 396982 (GOOGLE-CL...)
1 37.157.3.28 198622 (ADFORM)
2 2a02:2638::24 44788 (ASN-CRITE...)
4 11 185.89.211.116 29990 (ASN-APPNEX)
1 18.156.32.70 16509 (AMAZON-02)
1 7 69.173.144.165 26667 (RUBICONPR...)
2 2 104.18.33.19 13335 (CLOUDFLAR...)
4 6 172.217.16.194 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 69.173.144.138 26667 (RUBICONPR...)
3 3 52.29.215.78 16509 (AMAZON-02)
1 1 35.205.207.25 396982 (GOOGLE-CL...)
1 1 70.42.32.63 13789 (INTERNAP-...)
1 54.71.217.198 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
5 2a02:2638:1::3 44788 (ASN-CRITE...)
1 13.225.78.47 16509 (AMAZON-02)
1 3.132.37.212 16509 (AMAZON-02)
2 159.89.25.223 14061 (DIGITALOC...)
13 2a00:1450:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 52.49.181.242 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
1 2 172.217.16.198 15169 (GOOGLE)
1 9 185.80.39.216 27381 (CASALE-MEDIA)
4 104.18.36.94 13335 (CLOUDFLAR...)
2 23.35.236.188 16625 (AKAMAI-AS)
1 104.17.119.107 13335 (CLOUDFLAR...)
1 2 52.46.143.56 ()
1 52.223.40.198 16509 (AMAZON-02)
2 2 185.183.112.148 60350 (VP)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 1 2620:116:800d... 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
1 54.195.231.201 16509 (AMAZON-02)
1 2a05:d018:cc3... 16509 (AMAZON-02)
1 72.251.241.204 32475 (SINGLEHOP...)
208 60
24    2606:4700:3032::ac43:8ad7 (United States)

ASN13335 (CLOUDFLARENET, US)
ibyt.in
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.ergadx.com
1    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
26    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.de
pagead2.googlesyndication.com
googleads.g.doubleclick.net
2    2606:4700::6812:1e31 (United States)

ASN13335 (CLOUDFLARENET, US)
stpd.cloud
1    2606:4700:20::681a:2e6 (United States)

ASN13335 (CLOUDFLARENET, US)
cjss.enewspapr.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com
fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
10    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
2    96.16.141.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-141-156.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
6    2606:4700:20::681a:8b2 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid-stag.setupad.net
1    18.185.169.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-169-183.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
5    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
setupad-d.openx.net
google-bidout-d.openx.net
u.openx.net
1    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
11    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
cm.g.doubleclick.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    52.29.215.78 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-215-78.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    35.205.207.25 (Brussels, Belgium)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com
ads.avads.net
1    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.71.217.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-217-198.us-west-2.compute.amazonaws.com
id.sharedid.org
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
5    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    13.225.78.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-47.fra2.r.cloudfront.net
tags.crwdcntrl.net
1    3.132.37.212 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-37-212.us-east-2.compute.amazonaws.com
prod.uidapi.com
2    159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
node.setupad.com
13    2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f6.1e100.net
ad.doubleclick.net
9    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
2    52.46.143.56 (None, )

ASN- ()
s.amazon-adsystem.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    2a05:d018:d29:3601:aea4:a386:c0ef:3243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    54.195.231.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-231-201.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a05:d018:cc3:fe05:d0c0:37ca:a712:bca6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
Apex Domain
Subdomains		 Transfer
36 googlesyndication.com
17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com
fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
187 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
ad.doubleclick.net — Cisco Umbrella Rank: 197
500 KB
24 ibyt.in
ibyt.in
275 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 434
mug.criteo.com — Cisco Umbrella Rank: 1897
bidder.criteo.com — Cisco Umbrella Rank: 814
24 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 689
ssum.casalemedia.com — Cisco Umbrella Rank: 1863
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562
13 KB
16 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1243
eus.rubiconproject.com — Cisco Umbrella Rank: 735
token.rubiconproject.com — Cisco Umbrella Rank: 732
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2574
pixel.rubiconproject.com — Cisco Umbrella Rank: 411
25 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
acdn.adnxs.com — Cisco Umbrella Rank: 764
secure.adnxs.com — Cisco Umbrella Rank: 577
43 KB
7 openx.net
setupad-d.openx.net — Cisco Umbrella Rank: 52069
oajs.openx.net — Cisco Umbrella Rank: 3247
google-bidout-d.openx.net — Cisco Umbrella Rank: 3181
u.openx.net — Cisco Umbrella Rank: 978
1 KB
6 setupad.net
prebid-stag.setupad.net — Cisco Umbrella Rank: 43188
4 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
3 KB
5 criteo.net
static.criteo.net — Cisco Umbrella Rank: 590
129 KB
5 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2541
mp.4dex.io — Cisco Umbrella Rank: 2780
48 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
175 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 576
ups.analytics.yahoo.com — Cisco Umbrella Rank: 373
2 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 888
cdn.indexww.com — Cisco Umbrella Rank: 2113
3 KB
4 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
cdn.id5-sync.com — Cisco Umbrella Rank: 1318
19 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 381
1 KB
3 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5233
invstatic101.creativecdn.com — Cisco Umbrella Rank: 6240
2 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
1 KB
2 ad4m.at
ad4m.at — Cisco Umbrella Rank: 5765
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1697
600 B
2 amazon-adsystem.com
s.amazon-adsystem.com
2 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 6931
238 B
2 setupad.com
node.setupad.com — Cisco Umbrella Rank: 44007
417 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1438
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1200
10 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1083
876 B
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 4842
cs.emxdgt.com — Cisco Umbrella Rank: 1375
153 B
2 stpd.cloud
stpd.cloud — Cisco Umbrella Rank: 45940
283 KB
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1694
283 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1728
181 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 690
433 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 956
506 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 14654
269 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 454
265 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 5513
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
38 KB
1 uidapi.com
prod.uidapi.com — Cisco Umbrella Rank: 3379
3 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3470
8 KB
1 sharedid.org
id.sharedid.org — Cisco Umbrella Rank: 3158
904 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 739
316 B
1 avads.net
ads.avads.net — Cisco Umbrella Rank: 16027
371 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1090
263 B
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 3009
479 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1193
164 B
1 enewspapr.com
cjss.enewspapr.com — Cisco Umbrella Rank: 962487
86 KB
1 gstatic.com
fonts.gstatic.com
36 KB
1 ergadx.com
cdn.ergadx.com — Cisco Umbrella Rank: 269927
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
1 KB
208 48
Domain Requested by
24 ibyt.in ibyt.in
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ibyt.in
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
www.googletagservices.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ibyt.in
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
13 securepubads.g.doubleclick.net ibyt.in
securepubads.g.doubleclick.net
www.googletagservices.com
10 ib.adnxs.com 3 redirects stpd.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
10 gum.criteo.com 5 redirects static.criteo.net
9 dsum-sec.casalemedia.com 1 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
7 mug.criteo.com ibyt.in
6 cm.g.doubleclick.net 4 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
6 token.rubiconproject.com 1 redirects eus.rubiconproject.com
6 prebid-stag.setupad.net stpd.cloud
ibyt.in
5 static.criteo.net securepubads.g.doubleclick.net
stpd.cloud
static.criteo.net
5 www.googletagservices.com cdn.ergadx.com
ibyt.in
securepubads.g.doubleclick.net
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
4 eus.rubiconproject.com ibyt.in
eus.rubiconproject.com
4 script.4dex.io stpd.cloud
script.4dex.io
3 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
3 www.google.com tpc.googlesyndication.com
3 x.bidswitch.net 3 redirects
3 pixel.rubiconproject.com eus.rubiconproject.com
3 id5-sync.com stpd.cloud
cdn.id5-sync.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
2 ups.analytics.yahoo.com 2 redirects
2 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
2 cdn.indexww.com ssum-sec.casalemedia.com
2 ad4m.at ssum-sec.casalemedia.com
2 sync.adotmob.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 acdn.adnxs.com stpd.cloud
2 u.openx.net stpd.cloud
2 js-sec.indexww.com stpd.cloud
2 ad.doubleclick.net 1 redirects 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
2 googleads4.g.doubleclick.net ibyt.in
2 oajs.openx.net 1 redirects ibyt.in
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 node.setupad.com ibyt.in
2 ad.turn.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com stpd.cloud
2 setupad-d.openx.net stpd.cloud
2 htlb.casalemedia.com stpd.cloud
2 prebid-eu.creativecdn.com stpd.cloud
2 secure-assets.rubiconproject.com 2 redirects
2 17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stpd.cloud ibyt.in
2 pubads.g.doubleclick.net ibyt.in
1 cm.adgrx.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 cms.quantserve.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 secure.adnxs.com 1 redirects
1 match.adsrvr.org ssum-sec.casalemedia.com
1 biddr.brealtime.com stpd.cloud
1 s0.2mdn.net ibyt.in
1 googleads.g.doubleclick.net 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 id.sharedid.org securepubads.g.doubleclick.net
1 b1sync.zemanta.com 1 redirects
1 ads.avads.net 1 redirects
1 bttrack.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cs.emxdgt.com stpd.cloud
1 adx.adform.net stpd.cloud
1 mp.4dex.io stpd.cloud
1 prebid.a-mo.net stpd.cloud
1 hb.emxdgt.com stpd.cloud
1 cjss.enewspapr.com cdn.ergadx.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.ergadx.com ibyt.in
1 fonts.googleapis.com ibyt.in
208 79

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-10 -
2023-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.stpd.cloud
E1		 2022-10-28 -
2023-01-26		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
id.sharedid.org
Amazon		 2022-11-08 -
2023-12-07		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2022-10-06 -
2023-01-04		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.uidapi.com
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
node.setupad.com
R3		 2022-10-29 -
2023-01-27		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2022-11-23 -
2023-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh

This page contains 34 frames:

Primary Page: https://ibyt.in/
Frame ID: 11C8ABF79B3980700671C45B2FBA815E
Requests: 38 HTTP requests in this frame

Frame: https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669478400
Frame ID: 9EFB99E2A0D7988641E0DB569D0B104E
Requests: 3 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 86C1AEED694EEC237135F2251387BDD5
Requests: 37 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd201221.js
Frame ID: 1F3975F9DFF270FA0F99BD2D5CFE2359
Requests: 28 HTTP requests in this frame

Frame: https://17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ADF845592325630F40FC14A0B09DBA03
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 4BA58CA9469087102D2438C07C2D36E5
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: FBFA10E46BFDCF994FE43151308C7AD5
Requests: 12 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Frame ID: F50C9D04EA31746160C477CF9E03AD8B
Requests: 1 HTTP requests in this frame

Frame: https://fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 3976B78CC65E82D12DC4BDACF29E614C
Requests: 1 HTTP requests in this frame

Frame: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 6B123747F711FB4C65AACB1B0F6C1E88
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJyxQW62mnTEFmOCUGBkXfT6uyRQ9GZEalX0H7ydV9JXfK-J9FyU6MjOdLKD2VSwbIDl6bviCVQzJWgSFkgjdkYws4yrWPyGFXg32OTKLoc0q7XQBir_O1oCVrdLT4ONuHHHKBOBbG7lq7yBWZ63NFr-gGV4nu_BWAHvxaPZ7-hAbz-uTlXbjjMAsEj5z4DL43Pb6ErKPHcI2AS24TaKoJrANsBxhtgTi7YCLPzmIVj9-sLXcuhvihU9TjvPXsJASJtF1Wpfzk4W9dQC8654NJn2_1lR5sf4hlR1EuLX1Hi80TCuu5O8Q6wrQ8piOwXsN1RsrpbA7eGJqD&sai=AMfl-YRdZuKYYE39puvsMBrOsS5A8idkzYDVJShN_iZPGvuz2TvRWgYCa3SutnCAFXAEd_NRNYa69XSEH84OzTJgT61BE-N4UhLeVBBfveYRijrbFyH1XL4V8YuUN3BPuednfR96ZtxR7cWIx3ShuCFC46g&sig=Cg0ArKJSzMv9KN2DbcEAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F153EA7753D54F9A2BFAE529FFCF6AEC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7368CFE40950DA21E47CD8FEDED1D05
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD732EB6F6250573CF9E819CE0FCE49C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibyt.in
Frame ID: 4CC66656BCEEEB56CCC1110291DC2FC5
Requests: 2 HTTP requests in this frame

Frame: https://17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 31459898D02E72F9A29B19C5C839ED13
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 7AD9461BDDFEAE555A5316A7161D3EA9
Requests: 1 HTTP requests in this frame

Frame: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 093F5D5C765914CAE5443F4A25E71E55
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Frame ID: 10D1B4875BB7902F7442F716534E15EB
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 09DD529EB09581164C078CD28220E5F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CC06118D90A9101FE60452FEB713E67
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 688DA9C62FED58D5CB6E76034B5DB711
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 797FE93ABE59BAD73EAC9AC1203FB87B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1A28CD073D5894650C7849CA06EB59F0
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Frame ID: 8C38EAB51410245B65887C0B188287AE
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Frame ID: 98A5597CC7B64A23FAB295C6586F1DD7
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D4156A32DB3ED43325BBE3A92CDA2C18
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1CFCEE8583FDABC16BAD2E80ECF895F6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 967E684D90FA5411BFA981739DF457BC
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 56C27B2B51D7C4DDA5C8D346FAFB8132
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EA97B37D57308F3F25D24AED8A26844E
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: DFC9B749A708F87382BA682ACA697A92
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 52E340E88CAFB174A4E638A3C076542F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 85762FD7DAB9BD896E8FBCA60F4EDCA9
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: AE39D189E453CB64A5CA9CE45CD57340
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IBYT.IN – TECH AND CRICKET WORLD

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

208
Requests

88 %
HTTPS

39 %
IPv6

48
Domains

79
Subdomains

60
IPs

10
Countries

1920 kB
Transfer

5186 kB
Size

28
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jp91D3xMRXlJbmtnZWUyaVNYU3ZndEpxL3NhdlB5ekE4bzhDakRyZkgrMWMrcGIxTlQzemk3ZVZxYm4wR3g3ZDZERXo3UnBRbHVYWUVxUVhhemkrVExGT29VV2J0Q1V4NGNXSWdRMEVydFhtWHlGalFDN20vaW1LQlJFV3puUkNOQy95aFBRbXZqYmljMTlTY3B5ZmtNc25qT1ZNQkJkM2UyNjk0TmpUQTlmOFdhQklOaVI4a3VBcFk5RzZ1OFJjRWxCVjRwRG15UlNERFY1MlRVaDJ3SXg0bm5YWjFZdHdQc0lldjdzRm90eGlOeTJFPXw&cppv=2
Request Chain 45
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 48
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=OaUG6HxhcUVvNi8zUUU2SzAvN3dqaUM3TGpyUUYwYkpYbUFWZU9Hd0ZMMVMrUGk1QWRma3FWa2hLemJqYlFlVnpCQVZVenRJa2Nxak9DVWFZSks4SVdJRkExdXRxa0cya3l5bzdKL3A1OXVpekV4UW5FaXB1ajRsbzlndi9oL2ZUSGo2TkZmVTVObXVqdGVXc3NmdURYYUtwWHVGV3F5bTlsdFlDUU1tY0ZoVDY4ZmFmUHRnU1FsMmU4TDl4QjR0a0dNSnVKbXFSVjhRNjRHRWlMZU44RmpVSzdwditBZCs0WEFPeWpQVzB6NmJZQzZFPXw&cppv=2
Request Chain 51
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Request Chain 76
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=5324135977184355499
Request Chain 92
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=&C=1 HTTP 302
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4I6SChWWlb1ql6pC71CxQAA%265147
Request Chain 98
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Request Chain 100
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3210463133588474598&expires=60&gdpr=&gdpr_consent=
Request Chain 101
  • https://x.bidswitch.net/sync?ssp=rubicon HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=rubicon HTTP 302
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=rubicon&bidswitch_param=e90396b4-4eb7-4691-875a-bcce21f86e51&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=2abbba51-442c-4a0b-bfed-40e12361d894&expires=2&ssp=rubicon&bsw_param=e90396b4-4eb7-4691-875a-bcce21f86e51 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=e90396b4-4eb7-4691-875a-bcce21f86e51&expires=30
Request Chain 102
  • https://b1sync.zemanta.com/usersync/rubicon/ HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Request Chain 118
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
Request Chain 124
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5N3gzc0huamZQZDZLM3FxdXU5QXk3WXRrTGhHYzV0N21pJTJGd1VNdkZ1NjV5VHNUTlFvNEUlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=rW0sPHx0MWVhNDc0WGxFN2pFSGgwZG1QZnR4cEI3QnV5b1A4cWpnNm13WUZzMEl4M1ZpZGtKTGFUZEpSdWpkNWNEeUc1TVdPNG96L1Vwc1JoWThiT1lPTDdzSGNGbkFKNkxiQmNGLzdHanVrRnpIenNNOWR0Sk1MY3JiSVNWa0JRZXcyMVd6UExMRmZoeHR4YS9IYjVlWkJCQVNIRUYyYVM2ekgxdWlVUWpyRVhieDZPL2t0bk84YUZXSnNTS2t1a3YzS2cxUWxRaXJmT3hPc2pkUmxCdFFzUWhscXZOcEdya28wSDNSVU53NmN5MG14WndEK1pYamJrRmQrdXB5M29ydXhoTFhMMjRWRi9yN0RhRUEyL1BnL1dVUT09fA&cppv=2
Request Chain 142
  • https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_pre=CNenpe-dzPsCFcmJdwod_rEDTA;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
Request Chain 152
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4I6SChWWlb1ql6pC71CxQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIyjxRHuh09AVPfWm7WqR04&google_cver=1
Request Chain 154
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyNDEzNTk3NzE4NDM1NTQ5OQ%3D%3D
Request Chain 176
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5N3gzc0huamZQZDZLM3FxdXU5QXk3WXRrTGhHYzV0N21pJTJGd1VNdkZ1NjV5VHNUTlFvNEUlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=3mXEd3xTYjlObXFDaTVxUysvVnllSjZsb1Vmc1p1M1ZFS2FLd0dRNm5wQkY1blNvWUtlWElqaFFyS2tMR1JlRjcxa3dGT1N0SkRrc2J4ZkNjbDNudXBJTUJlcUZyRkJGUllZVTFndHdyMjNPMEU5S0hqcXJWTzViYVU1MFBOQ09zWXc0UUlpa0Rka0tQVW00ODF6SXJ0K2NLemZpRTZBaEkzZkp5KzNyalJlbTZ3Y0tSTnNhS3JwL1h1dCtZaGdQUU92MnNGVDllbVBtTFg0V0NqK09EdHhyaXhtOFNDTU55UDhQeVV4Ulk3Yk81OTE3Z3hxSkxaakwrYTlJMDlyMVI5cklrTkVSdkUxQzBKMU9FQmJHQzJMQUJLQT09fA&cppv=2
Request Chain 177
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5N3gzc0huamZQZDZLM3FxdXU5QXk3WXRrTGhHYzV0N21pJTJGd1VNdkZ1NjV5VHNUTlFvNEUlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=nOsuoXxBSlp2OGRXcytjNTV0K1dzNnZnSE02MGdaR2xXTStSY3dqRUdJSTR6dXFEc0RkcGZ1QU5reHRaUG5WenFoUlRmTUdsNzFVd3lYOXMxVjlDMnJMVy9Vb3Byalpidk1raVQ5K2tkMVRnWHRSRVNsVFhrdTJRMzN0enZyVGMxUURYekZCSHR0MmNUTFdNdzBzUGM0ZDBwTUpRNTNyTkcrcENVT251Qy9Yc3JkTDBjT3lGaS9pRGRJM0pYTmNYYlN2dDRzbWhMSVd5cGtwS0FyRk8ybWF5aVhJL3Y5RXF5dmlCWXZOcTlQMmhjTkdZeWhWMXl1OGNNSURQOVZYZE4zSENNZXZjdFQyWi9uWE41YVVZWjBkS0Eydz09fA&cppv=2
Request Chain 189
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&dcc=t
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPs1nyWC7Sd_dbR5pDACfFI&google_cver=1
Request Chain 192
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5324135977184355499
Request Chain 193
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Request Chain 194
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7b90f15-b8dd-434a-9cca-ee682951f847
Request Chain 195
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=SHOl7k0hqb5TJf_sTiWw6kkipelTc63rG3VYICfz
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
Request Chain 201
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3210463133588474598
Request Chain 205
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]

208 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ibyt.in/ 		58 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b698e06e3a361f545fa34ec367ff3f5b5713c1b49852084c4beb581f04943bf9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7703e3dd2bb2b8e5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 16:09:43 GMT
link
<https://ibyt.in/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wt2gDKpqMw4m4C%2FmJF6HDRBU0QH68PJGhhnALG9HYmAq4r5ITSUWCBnDtqKx1KPLBA1hMX%2F%2BXRcwd7l13OTG7at%2BVW0DfhvNS6jA1jz9xuCbgiwcTjdqfDPuP5BGtXrQfZRZJCBG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.min.css
ibyt.in/wp-includes/css/dist/block-library/ 		93 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Nov 2022 22:12:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epjv6pgZe2EowgCsPN8XS2EjM%2Bd5TnkHCSaRsW7%2BadONSz9035UautRpWGoHzwAos4UISQaoQ5b8n%2Bunhuh7aTOQLzhCTWy7aG0rB7pdz39%2F63zOJDrzNltDcvNmABMS4v3Mtljv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7703e3ddccdbb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
classic-themes.min.css
ibyt.in/wp-includes/css/ 		217 B
446 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 02 Nov 2022 10:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDB1OI2IQiDYGsXuF9BnyAHLvzBhe6l2umMqqi%2B6dU7pyGtpYvb1l7ZL1JEcccQ33g2pC1gp%2FAaDfl5HmomU0GyBekrGTDh3E9evHJfLGif6IA8YjY912ccjwADGz4my6Gprc%2FqW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7703e3ddccddb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
ibyt.in/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 24 May 2022 22:13:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l21%2BWLE9tJgA2D3uBgbdxtwNrUt5s%2FJwes9NUpjYzztHN73b4jOdHpgChg9TLp7%2FeS2aCe8UwdJxwI1y1TgUH%2F5hN%2Fao9dXJfdh%2F2QWFRJOyNCqMN2bUpZyjnRLT5nfm0%2BWWLSLJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7703e3dede60b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 16:09:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 26 Nov 2022 16:09:43 GMT
style.css
ibyt.in/wp-content/themes/superfast/ 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmRBKZpM0vYUJJHfMOdgh6scf2lvXBlGgbC68ItD3e%2F7NyMynyOqVrEzA0xeqH3FgL%2B8wVVNxOGETLxgAdiagUIqMIFrvb1c3kCVniehSGpmWB%2BdQ3d0dda8i9hlqQsQaF1PVSeI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
7703e3dded15b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
ibyt.in/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 02 Nov 2022 10:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fa1wCWYb2hYQq7kJMs%2F2Rw8trUz9qtEjKhtBhfl6R8PC1%2FcbBfNqcStF%2BeXtHFo37JMCz%2FAujeBiPLOK3%2BO7kBIIzzuE2ICBR2WVeS7oJPRhISPqw%2FVKJaktz4iGymKyxTLUTinH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7703e3dded18b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
ibyt.in/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 18 Nov 2020 14:36:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9LFPk3zKis7ZKKYC7o4pmqLDB%2BnwQOQawAKAVK3hw4bE%2FU2T1T4MSFBhq2HRiG9SDCXvAcrsHa1qQgn1xVo945rEOoCq0EiRgus8rTvbHxkKaz32YHj2V5VevCN8n1nm2ReF8i6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7703e3dded19b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74fbad0a99c0ed1c0c09f7a4dbf73b52d1d2590a8bb088a6ae5ed255e7d75f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27205
x-xss-protection
0
server
sffe
etag
"1403 / 42 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 16:09:43 GMT
afac917bf94a622b609d468bb003a34d_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/afac917bf94a622b609d468bb003a34d_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58171b988255633696c0ad836249a7b0dde4ab005b8e951770bdc25fb3dd08fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
MISS
last-modified
Mon, 09 May 2022 09:17:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyOZbFSmF%2BLwRLGpB3oR%2FWqKYgKESPo4QMFUuyecx%2BBltP98jOdrv7aa3sylIUYxriHaftKS5G5XgcU78bLSsfpzTr6IDct5vLx1BngE7H5XUaL5V4zvb39FV0FXT8r6c2GTc0Um"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3dede61b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5164
ads.js
cdn.ergadx.com/js/2266/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ergadx.com/js/2266/ads.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49930f364eda6d795fa66a38cd5dbd521983ad2814698262da8bdece001d1173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10872
cf-polished
origSize=31921
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Apr 2022 11:19:29 GMT
server
cloudflare
etag
W/"7cb1-5ddc9374996f0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOKih26wCcJADiIshZUuj%2B3Xfb3H44%2FEs7yt2f%2BQyzdiHoxF3ienjBZKblpkiDrUOUXXLLjcdKlxEEuAotUXTMnPfTlUJDXcLFnqTYRtN2qGlgV6R4KEKoRV7KoV9jKEGjMcB5IKt%2FVPfTjfpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7703e3df2c57912a-FRA
jquery.sidr.min.js
ibyt.in/wp-content/themes/superfast/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/js/jquery.sidr.min.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myRo1o%2BFLK2pyAtdT5sh1qxku7SoCLAJlHBgE6%2F0pOWCqfczMcu7EJvveZ41WLrUKJie78y69yKc4YYct8vjhm5QyeoUSP9mhbBPcd9oyH6FJX4qTLXmmh3%2B5R0s2bFvZdGB3t%2FE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7703e3dece48b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
customscript.js
ibyt.in/wp-content/themes/superfast/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/js/customscript.js?ver=6.1.1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQv3CCWjEj2wCpB65mnwJpZHXKXCHTikSPbvso%2B%2BXIUFPD271y6paVwnrVNqkz4JBjxR6MOavQQm4uuSy7uIdBPutioqj3FlLv1PhU52Tx8D4LYNbGHm3ebBM%2BoVm0pvT0VbPg4s"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7703e3dede5eb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ibyt.in/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KcLxcgt8zvmVLXwoy7IgRgUAdvvkHxnTHbiW94JMCLzhazGQLJrFz3VKczCTQNL43UCWYXmNtal1JxEYV3A4G5ALPHOwQiR5NSvcpORUUDGQmriFSmEyJrD2k1jn4C%2BVZ7ZP2Nh"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7703e3dede62b8e5-AMS
link
<https://ibyt.in/wp-json/>; rel="https://api.w.org/"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ElegantIcons.woff
ibyt.in/wp-content/themes/superfast/fonts/ 		62 KB
63 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/wp-content/themes/superfast/fonts/ElegantIcons.woff
Requested by
Host: ibyt.in
URL: https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

Referer
https://ibyt.in/wp-content/themes/superfast/style.css?ver=6.1.1
Origin
https://ibyt.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 12 Jun 2022 07:49:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oZRF1MZPE0Ekewdu%2BLtbiKkuuv1Di%2FBQvPzMnRN%2FgpqVsHTL%2FKAthkIaYb2KO1dzzKXgbVt2JC7dvGIatHA9agIFkprNNPd0S1raOQxs6teYLuEIbgy9ejRkbhV7mFwCNDIJaZY6"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3dede66b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63664
XRXV3I6Li01BKofINeaB.woff2
fonts.gstatic.com/s/nunito/v25/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito%3Aregular%2C700%2C300%26subset%3Dlatin%2C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ibyt.in
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 13:44:22 GMT
x-content-type-options
nosniff
age
95121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35904
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:34:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 13:44:22 GMT
b8de9d5251611192975f1aca30505603_original-300x225.jpg
ibyt.in/wp-content/uploads/2022/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/b8de9d5251611192975f1aca30505603_original-300x225.jpg
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d50b5b8c23d54e1ea0bc7cd6167153a7410f73d0fa5a95b942894d9614b57e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 11 May 2022 09:18:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qma4pyS5CE8ml4qqnZDqCiAD3pF4zMx%2BoAZr7WWVjO335bEfnMRlMDZMkfVbVJbK3XXNI906BThE6DAorEMxVAUipwBfE9OL%2BRDWoLV%2Bm1MidsPtdsgJm5w5igIWJK4uoWhX3QiQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3deee6db8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8148
adx
pubads.g.doubleclick.net/gampad/ 		56 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22463069023/ibyt.in_300x250_4_DFP&sz=300x250%7C250x250&t=Placement_type%3Dserving&1669478983498
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e3558b0e96fbe0efb2daadbf74dc44d914ac0a0423b66f81f0a4201c3b241ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13224
x-xss-protection
0
google-lineitem-id
5874818303
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377433874
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
9f8b06c772ab919897e6385f2692a8d8_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/9f8b06c772ab919897e6385f2692a8d8_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3219f1d97e20926e8434a1e77930f333499d6397f004d9f3304b28dde531e391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
MISS
last-modified
Tue, 03 May 2022 09:13:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITMAsKQv2YrwTdCefLpLMtbUZ43JiXYqP71c73K33F%2BmJd%2BVsVXbF5%2Bk70umJs6aYxu7qOliFvKLNd8%2FdWtIeZOJ8NWTjgbYV%2FXm7cjE3PVso8WA%2FBizzjR4GgrM1pu3jiTh%2FrkX"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df0ea7b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9856
bc34579610117ceccfc6c4552dd53801_original-300x225.png
ibyt.in/wp-content/uploads/2022/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/04/bc34579610117ceccfc6c4552dd53801_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0553bb739f1686e2e458b4f583ea068710e42e6e676b9e099f00aa56217151c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 29 Apr 2022 09:06:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1YJmeReZQSW%2FDgxCKRzom9%2FKU1cPOi5NRhIAdLr4pdYJvtmWHwb%2Fsl2VC2c4d%2FMsN8IcL%2BZ%2FcWZVhZry9JI0iKW2BLWUE8Kmvik%2Bo%2BvF9DwkwcW%2F6vTZ7EillCManmCTHFmpw16"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df0eabb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14088
0fb921bd5b131f78ed72ab5aaa22f440_original-300x225.jpg
ibyt.in/wp-content/uploads/2022/04/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/04/0fb921bd5b131f78ed72ab5aaa22f440_original-300x225.jpg
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1292ba4d41b1720bce8abcf19fa19704cb6d95b0f3c904535972e8746730b009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
MISS
last-modified
Wed, 27 Apr 2022 09:05:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8zV%2BkIaTAI8%2BedFH5vcw21Bj%2BtCbm7xau56wQplfucPlZ0WhKi0ggks4PgDeIBES0Dxuj4OyDn7PiUkMvqCGXTgAjE7Qwfg5ucpsb5VhU35MpNFc57MqzH57EV8wUS1YowTXRaB"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df0eadb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5186
adx
pubads.g.doubleclick.net/gampad/ 		56 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22463069023/ibyt.in_320x100_mobile_sticky_DFP&sz=320x100%7C320x50&t=Placement_type%3Dserving&1669478983518
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc6ec2e00d176abcceaf82c19bfbe79fa952a69ded0c0a3dfee6011499487348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13223
x-xss-protection
0
google-lineitem-id
5882711945
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377521829
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
2a82d976c36bcbf05dfd6c2ba86387b7_original-300x225.png
ibyt.in/wp-content/uploads/2022/05/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/05/2a82d976c36bcbf05dfd6c2ba86387b7_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13545cec095c1bc6dcc3af6ca0920ac82f5be96cb39595675820ce7c7f9153ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Sun, 01 May 2022 09:08:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qGHU9yGhVHPzIUB730tEDT34fL1KY32DMBI08eS8am8fcMgm9B6lX%2Fx2oxwGT524HgKrlysBpcbZKhZOoL0ci4zbtuJTdHSti2baopd%2FJ68ds%2F9Bqy7szXSUBGIdqFniX2QsRfy"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df2ec4b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6818
b27bcdb3a6ecc1cac3b577208c73f445_original-300x225.gif
ibyt.in/wp-content/uploads/2022/01/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/b27bcdb3a6ecc1cac3b577208c73f445_original-300x225.gif
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c6a13df2fa2f0e99384ac1fde844d3ff6338971fbabcb9ec95194cf5b99ce2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 04 Jan 2022 03:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtf4OK76ItUxpfwSLLOdCTzvSF4DgQA1jBAfa45mr0ssWUCaV7ewoep54vIcFKwwB%2FRCBtNH6tFnIgL4p4S8CGRSOXzMpErrAp6sjCf%2F%2BgcpPawPpB6aG5F2Ud89d4ILUba3PQT9"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df2ec6b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9080
5a06feabcb063b368a9c57814b77663c_original-300x219.png
ibyt.in/wp-content/uploads/2022/01/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/5a06feabcb063b368a9c57814b77663c_original-300x219.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5733ae1deefd76f002f873d813dcb95334490adf102d4ad33f7905da607c2bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
MISS
last-modified
Sat, 01 Jan 2022 03:36:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BUdn9eiyK1RtjjAcOdo%2Fq8OYhmfdVRsGJNJZ70x9NzP7kzQ9o5KMAoWqeKUxHqzFtkw3XsBux3t7AgR%2ByXsEWvzLqa8urWBSXTr02u%2BIF2ZWQ02yJlDkNCN33drTf3TiZn0rn3x"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df2ec7b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9705
e9fc9f609392ed8e627cbc030e95519c_original-300x225.png
ibyt.in/wp-content/uploads/2022/01/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2022/01/e9fc9f609392ed8e627cbc030e95519c_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fe3edff39be8fdcb0d19b6cda5deffb4ae75c3e8605c14a9113eec57da555b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 01 Jan 2022 04:27:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U75fTn38VXPiOEh0MoeCdJumuuBPzKSB1AqBSMJMq4aMBD%2FJzijD3TBUgFMpbTODJWJZllDtAMoTs35CQuqtxFKAVbrVFbMpMiFlvJgRqw%2F59xE0G3MTSLIrBZIjL50GE5GEGt37"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df2ecab8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2732
4eb2a1d4b3d3603f5f70eab66a7ac534_original-300x225.png
ibyt.in/wp-content/uploads/2021/12/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ibyt.in/wp-content/uploads/2021/12/4eb2a1d4b3d3603f5f70eab66a7ac534_original-300x225.png
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b12e35c0f7f1219bc6fc0c5843f10412d1e91c409a8700da0c926e3283df1463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 30 Dec 2021 04:26:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8twaw4BXvaiDO4KZbVdXryJQhz%2FwJGSe2IZsBeyYQRofLzWrtI3jmh%2BlSlCh2FcrwJf2rxPbjLMImOAVfM0qibnGkci4MRgcfh%2BeARxjEc8d7IZPzIv5qjolvCtOT0IgH%2BCBXfAz"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7703e3df2eccb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6832
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.ergadx.com
URL: https://cdn.ergadx.com/js/2266/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 308 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 16:09:43 GMT
invisible.js
ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 9EFB 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669478400
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac933c2c6348a78c0fc53c09facb32579b18c17d22afae67d0af291c7e3b1c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=km7qdnLsOaBT%2FQqVtoIGIhllCsrjeNJpxxngzrMUe8xkLOwvaKr94it6LN%2BKnfpaz4fz%2FapsdKEgz5w%2FtSo46nnVvHqkapWONn3UM8U62hHNGpDOIt1JG4KKPXcdn3JTf547cZwl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7703e3df9f7bb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
stpd201221.js
stpd.cloud/assets/postbid/ Frame 86C1 		461 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
2543
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 20:55:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76ddb271-601e-0057-4fd1-0051a4000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7703e3e0fe1a68ef-FRA
expires
Sat, 26 Nov 2022 20:09:43 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 14:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6659
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 14:18:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:43 GMT
stpd201221.js
stpd.cloud/assets/postbid/ Frame 1F39 		461 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stpd.cloud/assets/postbid/stpd201221.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
/FnTyG7mivuubIGMmM4B7Q==
age
2543
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 20:55:06 GMT
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
76ddb271-601e-0057-4fd1-0051a4000000
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
7703e3e0fe1c68ef-FRA
expires
Sat, 26 Nov 2022 20:09:43 GMT
pica.js
ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/ Frame 9EFB 		20 KB
8 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9266875371174740380051b1d4a6f20a124977394cec9855070b1f237e8f26a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKfWnxomzsDor5SxUs6n92xN9QK%2F8Tq4kfVxd%2FRFcXA99zyvam03q%2BHvqToKAtW2Jn3VA8Ka9D1GxUPko1gPt3cODVnSZyP6CRnceJ3rlOA4kasjCjntTA9YlFaKPgN8jO6Db%2Fjw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7703e3e0992bb8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid4.20.4.js
cjss.enewspapr.com/prebid/ 		282 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cjss.enewspapr.com/prebid/prebid4.20.4.js
Requested by
Host: cdn.ergadx.com
URL: https://cdn.ergadx.com/js/2266/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:2e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3190617c56f16492c6b990d538fdae11393678a616c6e85845d02c67cf871d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10067
cf-polished
origSize=288635
cf-bgj
minify
last-modified
Mon, 05 Jul 2021 04:15:48 GMT
server
cloudflare
etag
W/"4677b-5c6588f59c500-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ux1CTLyFMMj2CPDDQZBr9bekbcTgLIWk3Pq%2BsW0ua0D2P9rzG3p5UNKCEgTHMMIywdaYNOT5%2BdFvvE4BFzRYu1WYhFKBEPF1afoCST0q7FvFYt2K417pqSZZ99Lx9CNZNDD7CGyviFuI93mSMX48Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
x-varnish
191922369 189300894
cache-control
public, max-age=2678400
cf-ray
7703e3e13df39293-FRA
7703e3dd2bb2b8e5
ibyt.in/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 9EFB 		2 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ibyt.in/cdn-cgi/challenge-platform/h/b/cv/result/7703e3dd2bb2b8e5
Requested by
Host: ibyt.in
URL: https://ibyt.in/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1669478400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8ad7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2BCOjZQNVvh%2B7YlATo9Tde1KRlizfdlmbW9CewhDpHkU1FIxJ9LM9qg9bo20bb7pHCClIMDhyQU8osGZ4uLNHWnIpBqrV1ovhRbJm7ao8Txk7VN4h0oqH2F%2FFvT1YYGUbhi7kCsv"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7703e3e25ba4b8e5-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
745 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=472574771347751&correlator=2036911452194606&eid=31069125&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3284457678&didk=1730563965&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1669478984071&lmt=1669478984&dlt=1669478983302&idt=747&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fibyt.in%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1905704759.1669478984&ga_sid=1669478984&ga_hid=1649903127&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7148c8ec7647215b4a14ba2b52fca40a8f8efe198e6d363f402c1d1b4f94ee00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
717
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ADF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
Sun, 26 Nov 2023 16:09:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 15:38:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 15:38:28 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 16:09:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
497012
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 1F39 		483 B
761 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
257913
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9rUtt3vadlX2edUthGqzkurbgNBE0gfWLEUqpm7d5QOjAf59otZhjt1vDszW3l%2FVLzMvScIGR9Sb2a3W379dSxJQuAEAvl84hyIHELRcouLckC9ecvRh1A8bkDgC%2BY25zKdfnBV0PNSKutw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7703e3e34bd0916a-FRA
sid
mug.criteo.com/ Frame 1F39
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=jp91D3xMRXlJbmtnZWUyaVNYU3ZndEpxL3NhdlB5ekE4bzhDakRyZkgrMWMrcGIxTlQzemk3ZVZxYm4wR3g3ZDZERXo3UnBRbHVYWUVxUVhhemkrVExGT29VV2J0Q1V4NGNXSWdRMEVydFhtWHlGalFDN20vaW1LQlJFV3...
335 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jp91D3xMRXlJbmtnZWUyaVNYU3ZndEpxL3NhdlB5ekE4bzhDakRyZkgrMWMrcGIxTlQzemk3ZVZxYm4wR3g3ZDZERXo3UnBRbHVYWUVxUVhhemkrVExGT29VV2J0Q1V4NGNXSWdRMEVydFhtWHlGalFDN20vaW1LQlJFV3puUkNOQy95aFBRbXZqYmljMTlTY3B5ZmtNc25qT1ZNQkJkM2UyNjk0TmpUQTlmOFdhQklOaVI4a3VBcFk5RzZ1OFJjRWxCVjRwRG15UlNERFY1MlRVaDJ3SXg0bm5YWjFZdHdQc0lldjdzRm90eGlOeTJFPXw&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3f9b1dfc24fbc61fb6b0482b4bef597cd3291072a662e7c173949a3e8ffd58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1291176
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:43 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=jp91D3xMRXlJbmtnZWUyaVNYU3ZndEpxL3NhdlB5ekE4bzhDakRyZkgrMWMrcGIxTlQzemk3ZVZxYm4wR3g3ZDZERXo3UnBRbHVYWUVxUVhhemkrVExGT29VV2J0Q1V4NGNXSWdRMEVydFhtWHlGalFDN20vaW1LQlJFV3puUkNOQy95aFBRbXZqYmljMTlTY3B5ZmtNc25qT1ZNQkJkM2UyNjk0TmpUQTlmOFdhQklOaVI4a3VBcFk5RzZ1OFJjRWxCVjRwRG15UlNERFY1MlRVaDJ3SXg0bm5YWjFZdHdQc0lldjdzRm90eGlOeTJFPXw&cppv=2
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
619412
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ Frame 1F39 		216 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
af11162485b12441e518a282f59395d411ac1518a569c710b91dfc8bec1f1b9f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 1F39 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2881265c87c20a765de669d704a949494bba5ebf5c01bc5f3b1f07db70cab95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27205
x-xss-protection
0
server
sffe
etag
"1403 / 43 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 16:09:44 GMT
usync.html
eus.rubiconproject.com/ Frame 4BA5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 16:09:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 26 Nov 2022 16:09:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
618007
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ Frame 86C1 		483 B
547 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 23 Nov 2022 15:43:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
257913
etag
W/"922cffdd75f7192f75231d92684885aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA3xmZkJarm4hZl%2BMQi7NEj%2FcvFE8U%2FPZ55YgzVVtLwV4AiS7DVJJzptHGyJ7DRVJPjbTv5kpXXOWIdI8xhp9ZqygYz54Guu6dPynp8g1d8c0ocnlDiBjmeEI1nqbE%2FpxD3chEmLUofQyxgD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7703e3e34bd6916a-FRA
sid
mug.criteo.com/ Frame 86C1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fibyt.in%2F&domain=ibyt.in&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=OaUG6HxhcUVvNi8zUUU2SzAvN3dqaUM3TGpyUUYwYkpYbUFWZU9Hd0ZMMVMrUGk1QWRma3FWa2hLemJqYlFlVnpCQVZVenRJa2Nxak9DVWFZSks4SVdJRkExdXRxa0cya3l5bzdKL3A1OXVpekV4UW5FaXB1ajRsbzlndi...
338 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OaUG6HxhcUVvNi8zUUU2SzAvN3dqaUM3TGpyUUYwYkpYbUFWZU9Hd0ZMMVMrUGk1QWRma3FWa2hLemJqYlFlVnpCQVZVenRJa2Nxak9DVWFZSks4SVdJRkExdXRxa0cya3l5bzdKL3A1OXVpekV4UW5FaXB1ajRsbzlndi9oL2ZUSGo2TkZmVTVObXVqdGVXc3NmdURYYUtwWHVGV3F5bTlsdFlDUU1tY0ZoVDY4ZmFmUHRnU1FsMmU4TDl4QjR0a0dNSnVKbXFSVjhRNjRHRWlMZU44RmpVSzdwditBZCs0WEFPeWpQVzB6NmJZQzZFPXw&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
99cc10726edb5eae68583a83f5488800d81162d4ea8af3006a21da12214a326f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
952253
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=OaUG6HxhcUVvNi8zUUU2SzAvN3dqaUM3TGpyUUYwYkpYbUFWZU9Hd0ZMMVMrUGk1QWRma3FWa2hLemJqYlFlVnpCQVZVenRJa2Nxak9DVWFZSks4SVdJRkExdXRxa0cya3l5bzdKL3A1OXVpekV4UW5FaXB1ajRsbzlndi9oL2ZUSGo2TkZmVTVObXVqdGVXc3NmdURYYUtwWHVGV3F5bTlsdFlDUU1tY0ZoVDY4ZmFmUHRnU1FsMmU4TDl4QjR0a0dNSnVKbXFSVjhRNjRHRWlMZU44RmpVSzdwditBZCs0WEFPeWpQVzB6NmJZQzZFPXw&cppv=2
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
632120
content-length
0
expires
0
481.json
id5-sync.com/g/v2/ Frame 86C1 		216 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/481.json
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
a11a708a9d18dd88a470d3c812cc4067a7bc93bbb9f906cba95a589c058966c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ Frame 86C1 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1403 / 670 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 26 Nov 2022 16:09:44 GMT
usync.html
eus.rubiconproject.com/ Frame FBFA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 26 Nov 2022 16:09:44 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 26 Nov 2022 16:09:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server
AkamaiGHost
cookie_sync
prebid-stag.setupad.net/ Frame 1F39 		1 KB
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c549c11d4f03a4a41d0badfd2fec57bab1f1dd0a15c6f79843976042ba99b195

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IUybAM1Wxc%2BVlETduKEhEqusWHY83peeTVJmiAnatb%2FOixsxRzJnxYuK6xfUHLJphC1wgLbdXYxVCcHVZ%2F70KcgV%2BYh7ArXXeLzKX%2BHO9%2Fudp87ct6rSA%2F4umyhKKdpdyfzzmyXju1bRjXNtcvAv5phOu5TX"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7703e3e3b8509040-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 1F39 		283 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebf28361993caa17abd120b62c51fb50e5c880792f47eae2d03c1855455622c7

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.209.0-2-g4a3c5ecc
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMLJ9woD8PL9eC2AQp0eFFzdwuAlMlkz5sNMjIaOFqGmIjCjIK%2Br1g1J3GGeP6smR34Sr3RYTDS8k1%2FkizjmyS%2FYgM%2FFrHf9IUROzKpENiGoi0msCmq9kfwv7CkYAvUYEK03c6Bg16xZXDy6gQnMR8nQvSFf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7703e3e3b8529040-FRA
expires
0
/
hb.emxdgt.com/ Frame 1F39 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1669478984171&src=pbjs
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.183 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-183.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
c
prebid.a-mo.net/a/ Frame 1F39 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

x-nbr
8
date
Sat, 26 Nov 2022 16:09:43 GMT
server
envoy
vary
origin, Accept-Encoding
access-control-allow-origin
https://ibyt.in
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 1F39 		0
169 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cygnus
htlb.casalemedia.com/ Frame 1F39 		37 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=764373&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22153568dc9481be9%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fibyt.in%2F%22%2C%22page%22%3A%22https%3A%2F%2Fibyt.in%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22897%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22167d9a858b7b5c3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_300x250_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221732ff82f41bff1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_300x250_4%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55c655e485bf430042e2ecbe6bf04447425cc9717fa3c7039be3e22a9437b246

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDZN3jHeticnl4nXJ2NauaWgdYY%2B2icXYh%2BfLSBRT%2BKchmV57gNA5EpVBcPDmEBEqeT12dsMAMEjmuizWwSC8rH7nq1y0XTrskDONxvFCTx4%2BnTKHMP%2FUB5Fnhv4EmLq75w8nnYN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7703e3e3bda291f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
mp.4dex.io/ Frame 1F39 		114 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54698009b27b1e9ec2a2d106ff6c1e082ebec40086be91a73c5cf3338e80b0fd

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
x-err
Shapings: no adunits with size and seat and mapping
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7703e3e3ccbb9290-FRA
expires
0
arj
setupad-d.openx.net/w/1.0/ Frame 1F39 		73 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fibyt.in%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=7493c2da-a101-4775-bc76-9fd203f4fbf1&nocache=1669478984178&pubcid=00122032-0dba-4cab-b25a-b2e8cfebaf18&schain=1.0%2C1!setupad.com%2C897%2C1%2C%2C%2C&aus=300x250%2C250x250&divIds=div-custom-ad-1669478983753-0&auid=556539117
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0441f4570db2b6113328586689df17794e034c46c2ecb09c3b1ec95841c6d24e

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ibyt.in
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
adx.adform.net/adx/ Frame 1F39 		5 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTEyNzg3NTAmdHJhbnNhY3Rpb25JZD03NDkzYzJkYS1hMTAxLTQ3NzUtYmM3Ni05ZmQyMDNmNGZiZjE%3D&pt=gross&stid=0fc4bd32-1bb7-466d-947f-854fafe40ca9&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAwMTIyMDMyLTBkYmEtNGNhYi1iMjVhLWIyZThjZmViYWYxOCI6WzFdfX0%3D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://ibyt.in
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 1F39 		18 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=57860720388
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 16:09:43 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ Frame 1F39 		139 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
401da408a5a1a08101e44af35f3b89c5aa18a7062317bce76b6ffa9fcd258929
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:44 GMT
AN-X-Request-Uuid
a2353da4-609b-4a66-ab1c-2db3b2a57f34
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ibyt.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cookie_sync
prebid-stag.setupad.net/ Frame 86C1 		528 B
793 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/cookie_sync
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57cf725ac157cef90c885104f773f321b738e6bae730c0f8a4275d74ae406d9

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDiYLUvLf3Npzql8e%2FEYNVGZgk6y0dohb4u%2BOnZ5a1VHdzOOEVPsVFFWwsPDPO7f%2BI6wzhH%2FMFNd0UEnoHAJZycrNQKo3PnmYWaBNiw%2FSpM2wGfuaY6NlZerR8uAUnyedT%2BObijAx8Y3U0HErz49kFn%2FjwgA"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7703e3e3b8549040-FRA
expires
0
auction
prebid-stag.setupad.net/openrtb2/ Frame 86C1 		249 B
521 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-stag.setupad.net/openrtb2/auction
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5d03b8b981571b0940a874aeada65ae3da165b9b465dcf97689dfde7c115ba

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-prebid
pbs-go/0.209.0-2-g4a3c5ecc
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qe1kw9kh6AOavHaXFSqNn3U%2BI0CdQOseZPOPgpiiHiPTYaSZSq1Ej3mXzdCaUrOjKDmUUtaWvxuaIY3w4zRq0lLqN9%2FyZGGiIn1UxdVi2bxKyar7ADJ8i0IHKejaioWM4ijpNnZEACdCoLRKIAOlhZPeraF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7703e3e3b8559040-FRA
expires
0
arj
setupad-d.openx.net/w/1.0/ Frame 86C1 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://setupad-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fibyt.in%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=707023a3-76a0-4e80-b7a6-6f3c86dbd455&nocache=1669478984184&pubcid=00122032-0dba-4cab-b25a-b2e8cfebaf18&schain=1.0%2C1!setupad.com%2C897%2C1%2C%2C%2C&aus=320x100%2C320x50&divIds=div-custom-ad-1669478983728-0&auid=556539115
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f14bc3b3919df8b5810b201eec78fb900f3da72bee0fd422abc0e4913f7c3e6f

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://ibyt.in
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 86C1 		138 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2443d4118a9bc848d696d90842b662d58a633c4d65aed9d3dc4c5aa70727d2e8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:44 GMT
AN-X-Request-Uuid
2e31decb-9f70-4690-9d2e-0be0d69addbd
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ibyt.in
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 86C1 		18 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=31775192812
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
cygnus
htlb.casalemedia.com/ Frame 86C1 		37 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=764373&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211def41bbeb5784%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fibyt.in%2F%22%2C%22page%22%3A%22https%3A%2F%2Fibyt.in%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22setupad.com%22%2C%22sid%22%3A%22897%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221254546a3c1ff1b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_320x100_mobile_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A100%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2213c0a6cc940df0a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22764373%22%2C%22sid%22%3A%22ibyt.in_320x100_mobile_sticky%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b053227959604d2c3c0945a10c2b406dfe1b1ca24108448b1722e888d6faf3f

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLLL8xVm%2FgqK46S5Qj1cT1%2B2X%2B1Lfms6sAi6zp4UqKb8VknnsPb2ZI3WjBcWxnslAAXHTVAPd393vMS6pkQsvMWdm5XnzB0Kc%2FYm3l8QFVFjqPrW1jTxNQISEJc2TPz1tr6DgH8Y"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7703e3e3bda491f6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 86C1 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:44 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
adagio.js
script.4dex.io/ Frame 1F39 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PM78K2BY4E2VJM49
age
368209
x-amz-id-2
bUWi2Ip2935naQWMNtAJMlhoERwxv9UHVAi5VP8g6vrv0EZkfKDrqbQV+p9eIxy5pq3apTXuHUA=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fSo%2FD123q1Av6XkehsXcf85jeWg0%2FkcyBmnlFSM%2Bg%2BukI0d7DSWk%2FDb7H%2BsQYkLY%2BvjtpVDE53FvrsYWc1j3mefK8Y16wCJIS5DFToduOZcOV9KBk2mdE8QgxMzdchIDZd5EHcVsCVoBt8g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7703e3e41ee891ef-FRA
adagio.js
script.4dex.io/ Frame 86C1 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
PM78K2BY4E2VJM49
age
368209
x-amz-id-2
bUWi2Ip2935naQWMNtAJMlhoERwxv9UHVAi5VP8g6vrv0EZkfKDrqbQV+p9eIxy5pq3apTXuHUA=
last-modified
Tue, 22 Nov 2022 09:44:15 GMT
server
cloudflare
etag
W/"c56b6332dacf72f135afcd153ae22448"
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUDIlNvvgydh9lIH7l3XDGo%2B%2BPoXLRWIg4srIq2lZ374LzGEClOu%2FaTuuh%2FzUIDWccMWFXryV%2Fc39jfQ7fDUNcV0SoywLKta48rYr0dyyOZ%2FR5rPno1bFFPDs31A%2F0YEFR13TYmd7RVqyi5%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
cf-ray
7703e3e41eec91ef-FRA
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 1F39 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 14:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 14:18:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 1F39 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:44 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 86C1 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 14:18:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 26 Nov 2023 14:18:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 86C1 		268 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ibyt.in
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:44 GMT
setuid
prebid-stag.setupad.net/ Frame 86C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid-stag.setupad.net%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526f%253Di%2526uid%253D%2524UID
  • https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=5324135977184355499
86 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=5324135977184355499
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDkH%2FoE6is571bLcw3s8cTx%2BNd8vN%2BH3ucqqQBmMsB%2B0m%2FemvPlYvlq1lknVdXLrILPAp7VGOWVc58kkJMMsrgm8IwB3FxIpDH6XqH%2F3E6zEu78uWtOh8s6jbaPEkBMPp7fqyHFtdexsTX%2FX9IDUKFEFVqLV"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
7703e3e53b909040-FRA
content-length
86
expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:44 GMT
AN-X-Request-Uuid
483bfc01-da3d-4e1f-bf37-4b01f2814851
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=&gdpr_consent=&f=i&uid=5324135977184355499
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=OaUG6HxhcUVvNi8zUUU2SzAvN3dqaUM3TGpyUUYwYkpYbUFWZU9Hd0ZMMVMrUGk1QWRma3FWa2hLemJqYlFlVnpCQVZVenRJa2Nxak9DVWFZSks4SVdJRkExdXRxa0cya3l5bzdKL3A1OXVpekV4UW5FaXB1ajRsbzlndi9oL2ZUSGo2TkZmVTVObXVqdGVXc3NmdURYYUtwWHVGV3F5bTlsdFlDUU1tY0ZoVDY4ZmFmUHRnU1FsMmU4TDl4QjR0a0dNSnVKbXFSVjhRNjRHRWlMZU44RmpVSzdwditBZCs0WEFPeWpQVzB6NmJZQzZFPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 16:09:43 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
526101
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jp91D3xMRXlJbmtnZWUyaVNYU3ZndEpxL3NhdlB5ekE4bzhDakRyZkgrMWMrcGIxTlQzemk3ZVZxYm4wR3g3ZDZERXo3UnBRbHVYWUVxUVhhemkrVExGT29VV2J0Q1V4NGNXSWdRMEVydFhtWHlGalFDN20vaW1LQlJFV3puUkNOQy95aFBRbXZqYmljMTlTY3B5ZmtNc25qT1ZNQkJkM2UyNjk0TmpUQTlmOFdhQklOaVI4a3VBcFk5RzZ1OFJjRWxCVjRwRG15UlNERFY1MlRVaDJ3SXg0bm5YWjFZdHdQc0lldjdzRm90eGlOeTJFPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
319463
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame FBFA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 16:09:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66114
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:31:38 GMT
usync.js
eus.rubiconproject.com/ Frame 4BA5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Sat, 26 Nov 2022 16:09:44 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Nov 2022 10:32:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66114
Connection
keep-alive
Content-Length
10066
Expires
Sun, 27 Nov 2022 10:31:38 GMT
um
cs.emxdgt.com/ Frame F50C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?ssp=pbs&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Sat, 26 Nov 2022 16:09:44 GMT
khaos.jpg
token.rubiconproject.com/ Frame FBFA 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 4BA5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
integrator.js
adservice.google.de/adsid/ Frame 86C1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 86C1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 86C1 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3740389170741780&correlator=1068068374740246&eid=31070232%2C44778409&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_320x100_mobile_sticky&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x100%7C320x50&ifi=1&adks=1292292166&sfv=1-0-40&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1669478984486&dlt=1669478983724&idt=685&adxs=324&adys=2486&biw=1600&bih=1200&isw=320&ish=150&scr_x=0&scr_y=0&btvi=1&ucis=pwdlt9a7nsm1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fibyt.in%2F&top=ibyt.in&frm=23&vis=1&psz=320x150&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=1499436997.1669478984&ga_sid=1669478984&ga_hid=1598723029&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b6d3a289e80eec31931959248a9cef5ea6f6d3b7da729d263352c9c4e35781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9728
x-xss-protection
0
google-lineitem-id
342103949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138303370663
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3976 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
Sun, 26 Nov 2023 16:09:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 1F39 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1F39 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ibyt.in
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1F39 		70 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3154202114977891&correlator=2412117249810623&eid=31069125%2C31068366%2C31070950&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=147246189%3A22463069023%2Cibyt.in_300x250_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C250x250&ifi=1&adks=1835089781&sfv=1-0-40&eri=5&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1669478984499&dlt=1669478983745&idt=640&adxs=485&adys=828&biw=1600&bih=1200&isw=300&ish=150&scr_x=0&scr_y=0&btvi=0&ucis=nnnog9r14t0e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=2&url=https%3A%2F%2Fibyt.in%2F&top=ibyt.in&frm=23&vis=1&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=849593737.1669478985&ga_sid=1669478985&ga_hid=1043533131&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eca99ecb66f510813b45339186b0988965454c1581d757257c41044bf38b5ba2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33257
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ibyt.in
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B12 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
Sun, 26 Nov 2023 16:09:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
setuid
prebid-stag.setupad.net/ Frame 86C1
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D&gdpr=&gdpr_consent=&s=194962&us_privacy=&C=1
  • https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4I6SChWWlb1ql6pC71CxQAA%265147
86 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4I6SChWWlb1ql6pC71CxQAA%265147
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
2606:4700:20::681a:8b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IhGYagRMYWogkjsoJuxhGapQdlio0UCzJGSW9qDlV9ICt9p1OpINspV%2B4YmIOBdmltuCv7oWvLDlh1M%2BOVNETjdLp%2BJlfRHuLbt4ETgtyWmoklOZXYFy%2FkELUReBJHmH2yJ3UPh7iHrB6o7fc9A6ISUx8aW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
7703e3e76fe19040-FRA
content-length
86
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjQqUETJqhUHCXNRSPQ9bmCZ2m%2Bdx%2BrbAKjWSizrbSbdGgrv%2F4ef9E1Zug%2FaxSHIkhZZ1ovdg3ASC3qfqktZY7%2B%2F7VkmbbYXKQCsaBOwiDsHcdYfNYEjtqRRSGz%2FFdGaJNJLpAt7"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid-stag.setupad.net/setuid?bidder=ix&gdpr=&gdpr_consent=&f=i&uid=Y4I6SChWWlb1ql6pC71CxQAA%265147
cache-control
no-cache
cf-ray
7703e3e6ef0c9195-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1F39 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acb8fd7a58e38293d6d1ffc12285393889edcd5a8c1e99839b911c3fbf1cbaba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11170
x-xss-protection
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame FBFA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame FBFA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame FBFA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=36584
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
token.rubiconproject.com/ Frame FBFA 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=25470
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame FBFA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesync
bttrack.com/pixel/ Frame FBFA 		35 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-servername
Track004-iad
pragma
no-cache
date
Sat, 26 Nov 2022 16:09:00 GMT
x-aspnetmvc-version
5.2
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control
private,no-cache
content-length
35
expires
-1
tap.php
pixel.rubiconproject.com/ Frame FBFA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3210463133588474598&expires=60&gdpr=&gdpr_consent=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3210463133588474598&expires=60&gdpr=&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3210463133588474598&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame FBFA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rubicon
  • https://x.bidswitch.net/ul_cb/sync?ssp=rubicon
  • https://ads.avads.net/sync/bsw?bidswitch_ssp_id=rubicon&bidswitch_param=e90396b4-4eb7-4691-875a-bcce21f86e51&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=352&user_id=2abbba51-442c-4a0b-bfed-40e12361d894&expires=2&ssp=rubicon&bsw_param=e90396b4-4eb7-4691-875a-bcce21f86e51
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=e90396b4-4eb7-4691-875a-bcce21f86e51&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=e90396b4-4eb7-4691-875a-bcce21f86e51&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=e90396b4-4eb7-4691-875a-bcce21f86e51&expires=30
date
Sat, 26 Nov 2022 16:09:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
tap.php
pixel.rubiconproject.com/ Frame FBFA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/rubicon/
  • https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
109
Content-Type
text/html; charset=utf-8
pubcid.min.js
id.sharedid.org/lib/ Frame 86C1 		732 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/lib/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.217.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-217-198.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
cache-control
public, max-age=86400
last-modified
Sat, 26 Nov 2022 14:24:54 GMT
accept-ranges
bytes
content-length
732
vary
accept-encoding
content-type
application/javascript
esp.js
oa.openxcdn.net/ Frame 86C1 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 13:48:51 GMT
content-encoding
gzip
age
1218053
x-guploader-uploadid
ADPycdu3Gw5FY_q4NTn97VXYnntJVtAX26caEl7o3n1xhH_sP1GWn03HtLzXWtmuhtpWhoyqDf_pa2Sc5NeIIOZROxkPyfq5tOA6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 12 Nov 2023 13:48:51 GMT
esp.js
cdn.id5-sync.com/api/1.0/ Frame 86C1 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 24 Nov 2022 12:48:29 GMT
server
cloudflare
x-amz-request-id
AS623DQBY0CG4WQ2
age
2654
etag
W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7703e3e7cd0590e6-FRA
x-amz-id-2
opH3n6Ss4TlDtfyjukoygT4YC9ks6ezIdzU29iyaBzEnETZcFBMAM6rnMr/Jv2PsgS8/3mqoHZ4=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ Frame 86C1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:12:44 GMT
via
1.1 google
age
3420
x-guploader-uploadid
ADPycds4le2y_d5zerkIhxKwHr5hJXeB4LDcK84vr1goixm5g57K-fFNTEpKiKPk_e7RtAb6zoZ6AeJhwxQUL58hJTRAFg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1258
last-modified
Fri, 29 Jul 2022 16:55:09 GMT
server
UploadServer
etag
"f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation
1659113709880056
x-goog-hash
crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1258
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:12:44 GMT
publishertag.ids.js
static.criteo.net/js/ld/ Frame 86C1 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-9c1f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 16:09:44 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ Frame 86C1 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-47.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 19:00:23 GMT
content-encoding
gzip
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 18:55:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
76162
x-amz-server-side-encryption
AES256
etag
W/"2c5f4a319c3d99310927955777b5abe3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
teDv_ksB9HATWD4b5qxfcuVtMNhXAqlBkI5DW1XCxdZhqDSbt44KtA==
uid2-sdk-0.0.1b.js
prod.uidapi.com/static/js/ Frame 86C1 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.37.212 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-37-212.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
cache-control
public, max-age=86400
last-modified
Mon, 31 Oct 2022 06:06:26 GMT
accept-ranges
bytes
content-length
3211
vary
accept-encoding
content-type
application/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame F153 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJyxQW62mnTEFmOCUGBkXfT6uyRQ9GZEalX0H7ydV9JXfK-J9FyU6MjOdLKD2VSwbIDl6bviCVQzJWgSFkgjdkYws4yrWPyGFXg32OTKLoc0q7XQBir_O1oCVrdLT4ONuHHHKBOBbG7lq7yBWZ63NFr-gGV4nu_BWAHvxaPZ7-hAbz-uTlXbjjMAsEj5z4DL43Pb6ErKPHcI2AS24TaKoJrANsBxhtgTi7YCLPzmIVj9-sLXcuhvihU9TjvPXsJASJtF1Wpfzk4W9dQC8654NJn2_1lR5sf4hlR1EuLX1Hi80TCuu5O8Q6wrQ8piOwXsN1RsrpbA7eGJqD&sai=AMfl-YRdZuKYYE39puvsMBrOsS5A8idkzYDVJShN_iZPGvuz2TvRWgYCa3SutnCAFXAEd_NRNYa69XSEH84OzTJgT61BE-N4UhLeVBBfveYRijrbFyH1XL4V8YuUN3BPuednfR96ZtxR7cWIx3ShuCFC46g&sig=Cg0ArKJSzMv9KN2DbcEAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:44 GMT
node.php
node.setupad.com/node/ Frame 86C1 		0
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F153 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:09:44 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1F39 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:09:44 GMT
truncated
/ Frame F153 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09729a6f1dae2c6f06ab07121ef230efcc5c996a646f824deb767e7e3c9bc505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame F153 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumxmmxSIZ05Ek6i70Z0J_8s7uDo4v6AcRx38FPve1_X11qsGhi2ZN3cp3XG3p_s6ecVpDeRA6lZNZDwff6vpeibJnXfh2tB-IEDAk8ejvwrqoYjk1jkaLTwgphdsV2VSUxGt9PZ8jHiyoHrEQwucAQ11aMgqaqSTQtTdGM0CvPUwhW4va0ts-DzHK5MmiWuNOLRBlDLc8iMQuN_T9UGDsxp3ZbpBKtvp2GWlzyzGxZ-u-SqiNJ1Y7MqSsVCv1dLybuXp5LxdGyRfHbW7zCKBDmibmP36GJrXlPt30M3QzH2LmWiwITDUQnPqMatbKuoZh9JQqeuCQawnEyOms&sai=AMfl-YTLLZ19-CvyEBqbZhTHiblEQlmjzFcuZ7PX1bXry7DS3AyrI1PMuNBNU29Y7sKO0TFmZiltyjIc15gu28MFp9X8mFoLyc7_V12yhftLwK7nJMy7A2mxTM3_tJG8zcv0NczdYluMGnu-zdNZFM-bWKs&sig=Cg0ArKJSzJFlC5e8UWy-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:44 GMT
encrypt
esp.rtbhouse.com/ Frame 86C1 		221 B
238 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
4dd873568d7764066c3958f0a7406285f81eb20fb607916af713cfce489ea04e

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
844fbe50cea7b71fa27a3ededd123dc1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ibyt.in
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://ibyt.in
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sat, 26 Nov 2022 16:09:45 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
e14e46aac01b8e949a7f9549dda9eba1
esp
oajs.openx.net/ Frame 86C1
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
85 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
eb1b995f7eeed1cc8cb535f9bf9b358464bc3b27fe9505a8e9e72205006ea741

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-A5kzdaPvPi2faeGo/WoOIT4dRtU"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ibyt.in
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 26 Nov 2022 16:09:45 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://ibyt.in
location
/esp?url=https%3A%2F%2Fibyt.in%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
map
bcp.crwdcntrl.net/6/ Frame 86C1 		60 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9123daaf45175206736fd670ab3b1b8550fd46cd39235ee82492ce252ad3dabd

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ibyt.in
cache-control
no-cache
x-server
10.45.15.130
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ Frame 86C1 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ibyt.in
date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F736 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 15:55:43 GMT
expires
Sun, 26 Nov 2023 15:55:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CD73 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61b87301b4f479123e270aeff5af4cf03da0c254045fa6d58161c46dcec32793
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zgL7PJv0kFkryUwIJtnehQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-zgL7PJv0kFkryUwIJtnehQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:45 GMT
expires
Sat, 26 Nov 2022 16:09:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
syncframe
gum.criteo.com/ Frame 4CC6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
server
Kestrel
server-processing-duration-in-ticks
888373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4CC6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0a...
  • https://mug.criteo.com/sid?cpp=rW0sPHx0MWVhNDc0WGxFN2pFSGgwZG1QZnR4cEI3QnV5b1A4cWpnNm13WUZzMEl4M1ZpZGtKTGFUZEpSdWpkNWNEeUc1TVdPNG96L1Vwc1JoWThiT1lPTDdzSGNGbkFKNkxiQmNGLzdHanVrRnpIenNNOWR0Sk1MY3JiSV...
436 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rW0sPHx0MWVhNDc0WGxFN2pFSGgwZG1QZnR4cEI3QnV5b1A4cWpnNm13WUZzMEl4M1ZpZGtKTGFUZEpSdWpkNWNEeUc1TVdPNG96L1Vwc1JoWThiT1lPTDdzSGNGbkFKNkxiQmNGLzdHanVrRnpIenNNOWR0Sk1MY3JiSVNWa0JRZXcyMVd6UExMRmZoeHR4YS9IYjVlWkJCQVNIRUYyYVM2ekgxdWlVUWpyRVhieDZPL2t0bk84YUZXSnNTS2t1a3YzS2cxUWxRaXJmT3hPc2pkUmxCdFFzUWhscXZOcEdya28wSDNSVU53NmN5MG14WndEK1pYamJrRmQrdXB5M29ydXhoTFhMMjRWRi9yN0RhRUEyL1BnL1dVUT09fA&cppv=2
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
eded37b94340e1cfd571d4d7bc6f13b31a221dc6c39f175249a46ce71b849522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6490856
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=rW0sPHx0MWVhNDc0WGxFN2pFSGgwZG1QZnR4cEI3QnV5b1A4cWpnNm13WUZzMEl4M1ZpZGtKTGFUZEpSdWpkNWNEeUc1TVdPNG96L1Vwc1JoWThiT1lPTDdzSGNGbkFKNkxiQmNGLzdHanVrRnpIenNNOWR0Sk1MY3JiSVNWa0JRZXcyMVd6UExMRmZoeHR4YS9IYjVlWkJCQVNIRUYyYVM2ekgxdWlVUWpyRVhieDZPL2t0bk84YUZXSnNTS2t1a3YzS2cxUWxRaXJmT3hPc2pkUmxCdFFzUWhscXZOcEdya28wSDNSVU53NmN5MG14WndEK1pYamJrRmQrdXB5M29ydXhoTFhMMjRWRi9yN0RhRUEyL1BnL1dVUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
493564
content-length
0
expires
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame F736 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 15:54:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CD73 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3154202114977891&rc=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F736 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?5dK1kQ
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3145 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
Sun, 26 Nov 2023 16:09:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 7AD9 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 16:09:45 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sodar
pagead2.googlesyndication.com/getconfig/ Frame 86C1 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94bee3b57568569343c778c23e36d39c861a88e3ccf04dc78472d9f041f222fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe12320e03842b8847060d071ac10a5f16d8e1640a5c755538d433ca31ade473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11119
x-xss-protection
0
container.html
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 093F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:44 GMT
expires
Sun, 26 Nov 2023 16:09:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 86C1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:09:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:09:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 10D1 		624 B
557 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:45 GMT
expires
Sat, 26 Nov 2022 16:09:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 093F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
13558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:47 GMT
7207691952198775982
s0.2mdn.net/simgad/ Frame 093F 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/7207691952198775982
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e38f0cc75eb564053128e3b32d4bae98fe8cdcdb57647ab7afbecd2600928ff0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 11:21:53 GMT
x-content-type-options
nosniff
age
362872
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38593
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 07:23:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Nov 2023 11:21:53 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 093F 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 21:38:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
66667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 09 Dec 2022 21:38:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 093F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-uOALRI1JSySkIdApvWdVPMiND6WM6wCj54Lgqxa5GJeVUIWdSAdWY7Zy3qIzNplZoOuIK3kaNkbRsJ_F-OViKU9uka4PQ1fnZFNWekKkHj4_QjePOjROYXygnVKbD2XhOf69pujBSWx7IUGXVwV6NnNdY6K3XmxazmeRGW2fJYCzyGnXJrhQzRxyKbnxwjrUq3JSX0534r57dXf1IhuBsR1OG-pN0oxebAUmYO1717yuCjNYh1JC3LgbwlXfbKdBLz3mZqI5xf44FNXZ9nvt7vxkZ1g5Sbul7cVX15RUEy_N4PI4ZOPJFJiHO7M-E_vNfac0-pt421fHVSW-k6sY8Oa8UBe8Fp0e6IIbvDznk8xm_iZ6koQiaUhJW5M9u1DBwFfvDOqjshNPFgjreXA9rHTIItprVjDiObeT7Ag0WePHk2mu2E_Wj3MDRSJNlvsV1NcxGbs9AMBT-6s69L8wONbc1Q6_gxRxm9FruZK92vBi9l-akHL1WJdNcBXq_RI0PYvSE2xtpcokCGXMgl8EcfS8_QX4zHF49fOj8j-3bYRk75nMfKnaK1a1bSdo2Ic1zPOKKDopqi5LBJaty564nzdVmejc6D4yv2Y0Nrqv3zPj7BwscZspTrRotXRR1rOC-YjmcRGF35UfTBO28ui39hbq9vBk85JON8iVY8rNqN5XJeL2SbshmYxraCKzGeJi-9-R8goQj7znZHaaryoBvkf15fJYXcsftXHSgk27fsv9z_YlYwQSvGoEiHuuXhHM6j7sjG076Zy0JIxCUPHLfNpQb-502_FyG5DezGFIr8x3AnvWP-mf8FmnW4QnZIagfZtuOgL21cjT9sgfWi_W9gekt25lR7_WFUa0QpZtZXLBrOlol7pUetsoj63NqaKpwsKLr9sr00Zvh3yHcLpxyj-hBse2UGPzLDAqqo4TiphWp4Y0iF7ToHyIJ23vhVTHprmIfdbU7WM9WT7CwzBxiixwcaChSqxeOYKQTbsKtY8SPG2aGZ73fPR5a9KsXcQoACmzTQOai3oPa5NJ_3807doZtDKm_wMsGx5q5lq3dwxHQYXrg2orHnCpfYhzfRZSzUti_JPgXPWkcxkwSH5ZoXIie5lA1A5BoeGyfhBKB-GFnQo0q27hIeGJtTTSpw&sai=AMfl-YQPRKo-EmSbAu4bQ1Y94GbBj2haKejAIIy3YsdbRAp3cNRArYe2WpGInwkpTmaVpnaOSrFEAMwfy2cIpHLrpvy3n6exIaIoP8yGn5IXZeLJaQd4e8mFu7VaO9nvo2O1Bs1v0Slgd0BYSUvY4vNQ9tya0gxagdgUBvNzof8kffUwL_haWNkhPIoZF4Nd7ZkkndJiiCaoXRW-L5Zsdxsa7OWof6BFEJ36XkJyibYmXShzBYzZp1cu71JgJIWBZqQA28N1IxVEB92DVpCprEcn6wi6pHTns5jeUYfjORA7owQ8l3HM43D2qfjo0OVtMwG7CpUK9bhn5vV201TTRPhb-uUBcmtZkQZlqrqakcGHGAci_eQ3Z2ALFubLNJKB093uy0JKsYg2FnanQfCPgkUD6_f7CeQg9INr1s9v-ZQuxx9rNYSPkVSuqFUPqdihBMDR0eiKcXshS0z0zt-pDYxW8k4M8XzFDfUdB0pNsjI55w&sig=Cg0ArKJSzGEtUYL3OSEqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20221110.98128&arae=0&ftch=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 26 Nov 2022 16:09:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:45 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 093F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 23:12:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 23:12:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 093F 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AU_3LMtn88TTXwSCb0fcajp4r5JENUKwc6Yef8v8guFKhTcu-fdB2C38YiNYX-XouIz3-Rlt0b1UpJjFDUDAPgJVE3K0x3bIB1UQIhT0EQBTVtVQI
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B28951892.352074681;dc_pre=CNenpe-dzPsCFcmJdwod_rEDTA;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/ Frame 093F
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdp...
  • https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_pre=CNenpe-dzPsCFcmJdwod_rEDTA;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_c...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_pre=CNenpe-dzPsCFcmJdwod_rEDTA;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N9087.3378211DV360/B28951892.352074681;dc_pre=CNenpe-dzPsCFcmJdwod_rEDTA;dc_trk_aid=543152013;dc_trk_cid=181945028;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 093F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 14:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
6659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 14:18:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 093F 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
13557
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 093F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
URL: https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 26 Nov 2022 16:09:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 09DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 15:55:43 GMT
expires
Sun, 26 Nov 2023 15:55:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6CC0 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b27c3baf6add94c45284b1b40900b7d00828dab12a5abfaf82a35c7b6bcad0ca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YXxFQYv2I6d8vX2nQxoCog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-YXxFQYv2I6d8vX2nQxoCog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:45 GMT
expires
Sat, 26 Nov 2022 16:09:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 688D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 15:55:43 GMT
expires
Sun, 26 Nov 2023 15:55:43 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 797F 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
547b1daa4e83d8991d42146ccd89ebff99d2c89f072623d13218c3392541188b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-USocrdvuu0dt9SRWl_7aqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-USocrdvuu0dt9SRWl_7aqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:45 GMT
expires
Sat, 26 Nov 2022 16:09:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3154202114977891&bg=!LC-lL2vNAAbvMpMzzzI7ACkAdvg8Wo5zhO47vgPIXtQWFaSWUZrqBI5xonV1pVvGT9S9eJUmg8LN-gIAAABbUgAAAAVoAQeZArBWF7j7Nf4Rxo9EUhaq-bDqRIVErlMw7MRJ8mgN_OtnQm_cN-nsc-iE_UKc69eY5XAFA1eGiC0wz9qxVb5rbGmFAbx7U3xsG9rP_kOrG43Q7Zs4YNNmCUjheKfhOdfPkoS8LHsGrSrqneenwOQph405kjuVk5AYxa6vRGvRY5gIfP7b6sMTMAYblWW7jAnK4dLu-SVv7zr-rKZskhP1zvgWOUFghYfMS9kn11x0HNvnRn5AaC8UgoPTO9rtuQLS1PtK9DB-l72Lhf5deMCAsStUBYVwTaSDXH1BR_oF_shEVHueZCFX85LOMGWTUafbrH0SODk8Cx1NTyM6VxvsKl0GVWYtmKjB5GUBZdMPFbEGNUYIe43JalvGaSTTeOgEk-KFUGnQCuiqHnJ_rurdpYG7TLaMDhHd8UDqLo4aoKMLOJ7fdXAv6KtBt8PnUNJG-WQLafFlG-eaekDHGJJCwbuvnnWxjjN2dPzKaZ0qjsxxjMUYutwmd7-hP1srUDS3mQTsXOX4qQWWlErUtOWQyGMylP4EVw2iaQgN1Lt-lC2qlHzfmqL1d2UP-H8s1jN2UuwYOKs9K346FyZki31JPQNrPaQ15p0xE2uRDl5w9i594Q1oTomcC9ynYYJ9Xx-yFYJSqUTxzeZwt6gSK3XgLHvFkGU_XpU6vZA1bCCQyotx5JzNinq6ND4aeD7YMVsKwqMHMVdHWsjJbDuiAo8WbCnc6NfxD0-rmwqKPAuToJi7D2KOsKO9_L_X_Ci8y1i4txtvIfXYpkZ18eZ8FK5dl4HF6IevEx-ZpEcIPP4-5Q0Q9Ix5OZfJc5IO6FW9ffrXSe7rF_l7wz_ME4_lbYerOs8Mzyxa_E34w2x2jBuRm7zD8N6m4vu9E-e1O8PwvYJ_3zVkZtJK8xZkt5Bxjy3npmU4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 10D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:45 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 10D1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4I6SChWWlb1ql6pC71CxQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:46 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:46 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG-JOietz2ub_W_EwI7oVd4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 10D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIyjxRHuh09AVPfWm7WqR04&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIyjxRHuh09AVPfWm7WqR04&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Protocol
HTTP/1.1
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:45 GMT
AN-X-Request-Uuid
5838c1d5-68c2-4185-8c1b-f45ad2b1b638
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIyjxRHuh09AVPfWm7WqR04&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 10D1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyNDEzNTk3NzE4NDM1NTQ5OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyNDEzNTk3NzE4NDM1NTQ5OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK2YKRDRtYusAhjnr8vZATAB&v=APEucNVeNsMU49YO0UAsyeyhSgYEpwP-vLTvD912_tBzKZY5m4QY6OjJrBGz3MrEbcZo01aNjA-PGSyR18f7Q3naAS_PxzhXaLM4FLyUui3s2-SPxqSvWQu4t9txeWdJ_Y0bXmwDd382Pn2rfELE9xmsSMz3uc0MQV086aXNLhTjB3kRDpZyn77idBYiUlXOjaUrA-i2EZcq5-9_IhHXt7xr0Hx6iOQ7Hw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:45 GMT
AN-X-Request-Uuid
4befa091-8f5c-4826-aba4-c3c3eb116de3
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMyNDEzNTk3NzE4NDM1NTQ5OQ%3D%3D
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 093F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0a8b3679ef4fd71d156628b21be99f87d0703d53da7b0a1a245f33dd996364b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1A28 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
99954
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 25 Nov 2022 12:23:51 GMT
expires
Sat, 25 Nov 2023 12:23:51 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 09DD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 15:54:06 GMT
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 688D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 15:54:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 797F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=472574771347751&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6CC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3740389170741780&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 1A28 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 15:54:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 15:54:06 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 093F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-uOALRI1JSySkIdApvWdVPMiND6WM6wCj54Lgqxa5GJeVUIWdSAdWY7Zy3qIzNplZoOuIK3kaNkbRsJ_F-OViKU9uka4PQ1fnZFNWekKkHj4_QjePOjROYXygnVKbD2XhOf69pujBSWx7IUGXVwV6NnNdY6K3XmxazmeRGW2fJYCzyGnXJrhQzRxyKbnxwjrUq3JSX0534r57dXf1IhuBsR1OG-pN0oxebAUmYO1717yuCjNYh1JC3LgbwlXfbKdBLz3mZqI5xf44FNXZ9nvt7vxkZ1g5Sbul7cVX15RUEy_N4PI4ZOPJFJiHO7M-E_vNfac0-pt421fHVSW-k6sY8Oa8UBe8Fp0e6IIbvDznk8xm_iZ6koQiaUhJW5M9u1DBwFfvDOqjshNPFgjreXA9rHTIItprVjDiObeT7Ag0WePHk2mu2E_Wj3MDRSJNlvsV1NcxGbs9AMBT-6s69L8wONbc1Q6_gxRxm9FruZK92vBi9l-akHL1WJdNcBXq_RI0PYvSE2xtpcokCGXMgl8EcfS8_QX4zHF49fOj8j-3bYRk75nMfKnaK1a1bSdo2Ic1zPOKKDopqi5LBJaty564nzdVmejc6D4yv2Y0Nrqv3zPj7BwscZspTrRotXRR1rOC-YjmcRGF35UfTBO28ui39hbq9vBk85JON8iVY8rNqN5XJeL2SbshmYxraCKzGeJi-9-R8goQj7znZHaaryoBvkf15fJYXcsftXHSgk27fsv9z_YlYwQSvGoEiHuuXhHM6j7sjG076Zy0JIxCUPHLfNpQb-502_FyG5DezGFIr8x3AnvWP-mf8FmnW4QnZIagfZtuOgL21cjT9sgfWi_W9gekt25lR7_WFUa0QpZtZXLBrOlol7pUetsoj63NqaKpwsKLr9sr00Zvh3yHcLpxyj-hBse2UGPzLDAqqo4TiphWp4Y0iF7ToHyIJ23vhVTHprmIfdbU7WM9WT7CwzBxiixwcaChSqxeOYKQTbsKtY8SPG2aGZ73fPR5a9KsXcQoACmzTQOai3oPa5NJ_3807doZtDKm_wMsGx5q5lq3dwxHQYXrg2orHnCpfYhzfRZSzUti_JPgXPWkcxkwSH5ZoXIie5lA1A5BoeGyfhBKB-GFnQo0q27hIeGJtTTSpw&sai=AMfl-YQPRKo-EmSbAu4bQ1Y94GbBj2haKejAIIy3YsdbRAp3cNRArYe2WpGInwkpTmaVpnaOSrFEAMwfy2cIpHLrpvy3n6exIaIoP8yGn5IXZeLJaQd4e8mFu7VaO9nvo2O1Bs1v0Slgd0BYSUvY4vNQ9tya0gxagdgUBvNzof8kffUwL_haWNkhPIoZF4Nd7ZkkndJiiCaoXRW-L5Zsdxsa7OWof6BFEJ36XkJyibYmXShzBYzZp1cu71JgJIWBZqQA28N1IxVEB92DVpCprEcn6wi6pHTns5jeUYfjORA7owQ8l3HM43D2qfjo0OVtMwG7CpUK9bhn5vV201TTRPhb-uUBcmtZkQZlqrqakcGHGAci_eQ3Z2ALFubLNJKB093uy0JKsYg2FnanQfCPgkUD6_f7CeQg9INr1s9v-ZQuxx9rNYSPkVSuqFUPqdihBMDR0eiKcXshS0z0zt-pDYxW8k4M8XzFDfUdB0pNsjI55w&sig=Cg0ArKJSzGEtUYL3OSEqEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=206&vt=11&dtpt=204&dett=2&cstd=1&cisv=r20221110.98128&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 26 Nov 2022 16:09:46 GMT
generate_204
tpc.googlesyndication.com/ Frame 09DD 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ss9LWA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 688D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MJG6gA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
node.php
node.setupad.com/node/ Frame 1F39 		0
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://node.setupad.com/node/node.php
Requested by
Host: ibyt.in
URL: https://ibyt.in/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sat, 26 Nov 2022 16:09:46 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET, POST
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A28 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL9xcSDqCY-O7IrW5lQfzsrLwCwAAAAA4AeAEAg&bg=!oKOlo-fNAAbvMpMzzzI7ACkAdvg8WsY2cjda47gFsrd_jBrsjWbA8Qns4lRZFU1wdu2Dy3LZHQttkQIAAACsUgAAAANoAQeZAxTySob4gbVec1DUdngS7FHPBhZIcaFhR8ho_L917XQqsmL1kzbtz-MPbvsA_FBXxiY3i4U9EcYAacai8r54f7aidHXRnwQQW7_SrjV7DlZ6ePZIMyguax4bJYj5UFVbY9jPeTPmCzLwlNVftpNHeYXg_S9dfOJaJetjOGe8HESIe5ntz-LR4QBSUQQ-I33MvD83onln3RDlW41zTz8UI8f61ecvM7aFjWUGg368CVylUVnSIUkgnnYA7jFUTCuGuRUlF1-JU1fCkWiBgd4lcePaEOi641BYN9AvzAoPVWgfTV0gcZ6o0DgQF5ZawmTpSMl8oaWr63973nAJwKuGRWg9imvozZdEuDnyosAsGogGcM8DiHJhtGA9f075a0k8WsEMm6ua7ipTOHI0x3lR4TuwJ_IHWG3puCTczehVGnXMkSSmSQi9d1RNLxiWK66sNl7uOZ_Y_N5rDU1jLBr3o_cXu1fwz4Qky52uQniV-hP81TENFHGYKJ4nBTpEaCMVGMFJHq8vnnMY_nwvszx_kFeb14pz5S3BlTMgxXejG8MxmitJvcB0PlmJu1Bvv-61it1CjoRuj4IO3mWtSIUywm-5s06ysiKc2HQ8xls9G_cw-trYEEAo8PEtJRYEX5Y3TL2SM96DW2BT-D6ecDo_CJ0i0Acby6-rBAlj2U9MhFkUo0UV0f5_hEuAMwvGiHvRWPze19O4pfEYcJMW9_eSC69LzkS01cVmdEjhEu6YPtz4QzqylT0cnzUaf9UcaQ3sdR-Ulfm2oTcNnU168XBehw7yoQWXCyZM_CXFCNbucl14eEXI6udZcMm8GNxgvqtxF5q4XIyyWj_m2vsWKpG0-p2qqpNPx65xIRasdaJhZZKS6wyKnq5md8sbhxi3wjJWsQxxhVf17-NYiHChGy5AcE_TN8ue3DU3wHM8_1nUaKC_Y1CdnPrZ4jyN6MaeG6vw7H7aIoAEzXqQexsvHymu0LcpaWhj8ScR9YtmenPzSbsvg-oTmrQ-NRpKtRJGq-OJFQmwEVlLGwZFFqTcR1zBGO3FUTOiCg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 86C1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3740389170741780&bg=!urmluf3NAAbvMpMzzzI7ACkAdvg8WiRo6VcWYtLDiXdlqqAImi7w8-XeG0kt6j7YYHAKQAtX2ovJcgIAAAC0UgAAAAJoAQcKAJWotvupiokSovg6G5SfZjXu-59xVSDYcL-zJRp4uI_D6l4l2X6yPIkOqxAI0dYnXz-bwvkrR_HI0YgL3dkZD6Je_fCaGcVfbqUj0pLN4ojHbh626OJE09WcgHUjv7p370KJW8uyaWfUnPYAuHYnIpQvJo12LbI7_BOlNMVZe2ypo_dDr9BA13Yf-VhTsTjZQg8s7g2DGZkCpMUZbcyYNP3yTs6SCRIbDVjkewq9nkrIiDObN0wI6XY4_2qkVHPjvtET6XZrCmbxnFVf8-4sIP1XWQMtK2pSX0c2OAzFgl6QhWja6A6MiMHMBmJ8HARGgRBLcslNWhkOBncK0VsoZWEr2-YMp8d6928hWaZfWbfXizf9Me-JYlHfxK48RaxZzVXcfqYtIVZTZie2zo75CCr4v6XmztcvvU3QOv5w-F1o73pdauRjLHvrlxXU7JKbg8qTgfqkkW_gL9ucDzwUQiu4fvpIFAwvBD7sk7NNCG7xf8uu2uDlSZ6Sr6t_Vy418FBBctzFIjxfYstRfI1Zxs29d33tt2nVw47tHBZIrnUVNknP5TEjU5s9seZAlmWMUwBpFFbk3P8dAJb7Fr85aqbR1cns42TEbkHGeXY_9B9SOi2NPeWvh9c6pjPFyiw1of4ykbcRBqSuVB8cXiCu4SFT1m_zNXWDuQENqWbYFs5n0An8Czg2x8fZmafsjDcNTKVZHwhB2lxwpGQDH-zfKEiu2hAq5BdSf5itYLYba__uU2Tno4691rONNMFfgWMTSSXxebDiP36G1JuJgF7GhtQ-0gKO-aFd1sFaACfvcszbcOzwu5ur_r74hrOaX_MLZbyVIdpRJGYgfV0iTvWI1kmz_ZokKdkHV6vqxBfsrLi57CJ5wBx7Q6BpQ3NNGwnoVUkDMK1JjpG6hyqa1Z874Y3bGugCBySiAMU1ZtooWMyqScBrOEBK_e62MNc4QJiETyA4JBjSpbGfm2CRzNOlDYxkIUhd2Az02wHEiKV5_Htsyr6BC2z9FjzVER1Er7je0Arateq8CNKf8oXTxw4h1tEr6LoyQYYttRkCspI9ChBeeQQvy3Brt45C_ZNFcwVeXVFQmjHh11miRfh00J8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=472574771347751&bg=!xsWlxYHNAAbvMpMzzzI7ACkAdvg8Ws5nK09pCZvDOR4CqyKfV7velvqrfagASAj8qjqj2pQA2Pa3oQIAAACwUgAAAAFoAQcKAIlwNmewJ-gwd4YzJbRx8zFX_TvGBtCvJ3BPtxCyJCkS9wBQN769ib4w-TGGTZm4dOmiUqjQ1Di68Y5J0V8phMLAVWIIeP08-oYg5Y0wWUU5N2hJOUyUVmcU_OHaPXqLyG40WWugFPFfQ4wuRm4GYaEhi4PtMWlVcM2hjYWX1cwXZFH1lZxi9RVl7JkCuOoBjeF5TqqnqQNiII_hifa408CI-v1nrD8H8EICcWiKqUTAngOxIOvbWyeU4yqRbR86tsqdwTP6ZF8iFx6e9ZV8mZ-NiAPYDm8sHLcs5pSxQLKLcEbd4IYdiLlsREhywx8lD_1MlxgX6fkg6jrS91kTOyB0MWRwzIS67kDM1-nn6PuvEoE1jfUOkzxVcE-8RXjDak5mFrswt6YnaRKF_5icD8LetaKLLgR5p-k7zvQ7XGCOATn60n8CI2DRGiTUOR2G7mIHXpYYUgVbhUD_pyOesVQc8fcVFd9zZWFrrtvDP6WX2aLdNMTCIGWv-jlVpFcrhE275-L9raqNxdsizjooGl9e8ySlkFja_RDzjslHX9iu68eXJRCf7awBCB81KP4YPdIFyBSwTE4TN0ozv3p28zsHlkcwpSgO5SdqalIYzJkCvr-7c6_Q-XIO2Pwst276JMJ3a_GuxqIaLrMtkKTa_X-I_EOMfkxbJQnpCDUeZN-U-vRQv_OmpyVS0-O4igvKGHexQiQxRSh9IFAOU4xDw81A59jVqKR0TkC2ox0iqj6Ym8QC0AtzU-4wAyTbl4fMsJbruU6Pd2BaH5158JzoyPaTXrSL87WueEp3JazErSKRqz8vCeO5f34TyUgWHus6jjyrm-TZv_z5IQU4CraiaGtRunVJj_8wl-y3NTq6GuQH98I1HlfSYnZfN3FI-fhyYknSudJOH88OxHrKPw8e9NXwToCujcmgDSuzTlV4_HyLJ7RDiW0u-DUwVsQJQnxCRM2uVlaJuhMNKtWNJeKP5a1HHNm3j6EbFL2wqnNvOuvSPHNL6qwHO0po3zeEO4EBq3Sl18iskC1ZPWHLnYtrXVeBHyKtlPE-trcSHKywUBlsv0DNBJMt0JXcmygMiX-ZNz86UQdM21u21v3GcqFRTsh-YnrM1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 093F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1w09XV9wgvgM9VxdXyio1hqbbymN-NxawRbmT_4JUwaxpAdarOntJ33otoWk0S6O1Z9HL-gDbyP-EAramzAygaa3uDr2KZHaK7BG96VBZP22ao402tGp0I6Sk&sai=AMfl-YR7cHf3acw--muC7CVftwicryFzhKJEmNv4AW_xYblnZKNs0WIrzBF57Gut2vhM7c-zS0NrYJOW9qbQZATmaHFa7mEVTTYqA5Cnjy9mRrBZ6GZp48TtwUpYUCweVL5sRh-dvJqTVYqBY0dWGI_m&sig=Cg0ArKJSzJosYbakKQnREAE&cid=CAQSTADq26N9a59oOuTkufb6aj5FjJJF2aMvjo79ySxFlySr8mbr2_e0u2uM8TmwNbvFj4NdGkekzb_sTZGLMDUvtu0OJqwNKWwUOzUKiy8YASAT&id=lidar2&mcvt=1000&p=703,485,971,785&mtos=0,784,1000,1000,1000&tos=0,784,216,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=0.93&if=1&vu=1&app=0&itpl=20&adk=1835089781&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669478985657&rpt=265&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1F39 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 16:09:47 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 86C1 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 16:09:47 GMT
syncframe
gum.criteo.com/ Frame 8C38 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:46 GMT
server
Kestrel
server-processing-duration-in-ticks
1791515
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 1F39 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 16:09:47 GMT
syncframe
gum.criteo.com/ Frame 98A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=ibyt.in
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 16:09:46 GMT
server
Kestrel
server-processing-duration-in-ticks
2096523
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 86C1 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ibyt.in/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 27 Nov 2022 16:09:47 GMT
sid
mug.criteo.com/ Frame 8C38
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5...
  • https://mug.criteo.com/sid?cpp=3mXEd3xTYjlObXFDaTVxUysvVnllSjZsb1Vmc1p1M1ZFS2FLd0dRNm5wQkY1blNvWUtlWElqaFFyS2tMR1JlRjcxa3dGT1N0SkRrc2J4ZkNjbDNudXBJTUJlcUZyRkJGUllZVTFndHdyMjNPMEU5S0hqcXJWTzViYVU1MF...
420 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=3mXEd3xTYjlObXFDaTVxUysvVnllSjZsb1Vmc1p1M1ZFS2FLd0dRNm5wQkY1blNvWUtlWElqaFFyS2tMR1JlRjcxa3dGT1N0SkRrc2J4ZkNjbDNudXBJTUJlcUZyRkJGUllZVTFndHdyMjNPMEU5S0hqcXJWTzViYVU1MFBOQ09zWXc0UUlpa0Rka0tQVW00ODF6SXJ0K2NLemZpRTZBaEkzZkp5KzNyalJlbTZ3Y0tSTnNhS3JwL1h1dCtZaGdQUU92MnNGVDllbVBtTFg0V0NqK09EdHhyaXhtOFNDTU55UDhQeVV4Ulk3Yk81OTE3Z3hxSkxaakwrYTlJMDlyMVI5cklrTkVSdkUxQzBKMU9FQmJHQzJMQUJLQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4b9ea8676ab5de60fe288abff3a09ff53998876c1f5fbe4e610f44e442af617e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1766214
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=3mXEd3xTYjlObXFDaTVxUysvVnllSjZsb1Vmc1p1M1ZFS2FLd0dRNm5wQkY1blNvWUtlWElqaFFyS2tMR1JlRjcxa3dGT1N0SkRrc2J4ZkNjbDNudXBJTUJlcUZyRkJGUllZVTFndHdyMjNPMEU5S0hqcXJWTzViYVU1MFBOQ09zWXc0UUlpa0Rka0tQVW00ODF6SXJ0K2NLemZpRTZBaEkzZkp5KzNyalJlbTZ3Y0tSTnNhS3JwL1h1dCtZaGdQUU92MnNGVDllbVBtTFg0V0NqK09EdHhyaXhtOFNDTU55UDhQeVV4Ulk3Yk81OTE3Z3hxSkxaakwrYTlJMDlyMVI5cklrTkVSdkUxQzBKMU9FQmJHQzJMQUJLQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
688471
content-length
0
expires
0
sid
mug.criteo.com/ Frame 98A5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ibyt.in&sn=ChromeSyncframe&so=3&topUrl=ibyt.in&bundle=92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5...
  • https://mug.criteo.com/sid?cpp=nOsuoXxBSlp2OGRXcytjNTV0K1dzNnZnSE02MGdaR2xXTStSY3dqRUdJSTR6dXFEc0RkcGZ1QU5reHRaUG5WenFoUlRmTUdsNzFVd3lYOXMxVjlDMnJMVy9Vb3Byalpidk1raVQ5K2tkMVRnWHRSRVNsVFhrdTJRMzN0en...
433 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nOsuoXxBSlp2OGRXcytjNTV0K1dzNnZnSE02MGdaR2xXTStSY3dqRUdJSTR6dXFEc0RkcGZ1QU5reHRaUG5WenFoUlRmTUdsNzFVd3lYOXMxVjlDMnJMVy9Vb3Byalpidk1raVQ5K2tkMVRnWHRSRVNsVFhrdTJRMzN0enZyVGMxUURYekZCSHR0MmNUTFdNdzBzUGM0ZDBwTUpRNTNyTkcrcENVT251Qy9Yc3JkTDBjT3lGaS9pRGRJM0pYTmNYYlN2dDRzbWhMSVd5cGtwS0FyRk8ybWF5aVhJL3Y5RXF5dmlCWXZOcTlQMmhjTkdZeWhWMXl1OGNNSURQOVZYZE4zSENNZXZjdFQyWi9uWE41YVVZWjBkS0Eydz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
07613fef22d2c0b1ec8069e76a1fc488311890f0df8c44997472947f03ab83a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1568492
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=nOsuoXxBSlp2OGRXcytjNTV0K1dzNnZnSE02MGdaR2xXTStSY3dqRUdJSTR6dXFEc0RkcGZ1QU5reHRaUG5WenFoUlRmTUdsNzFVd3lYOXMxVjlDMnJMVy9Vb3Byalpidk1raVQ5K2tkMVRnWHRSRVNsVFhrdTJRMzN0enZyVGMxUURYekZCSHR0MmNUTFdNdzBzUGM0ZDBwTUpRNTNyTkcrcENVT251Qy9Yc3JkTDBjT3lGaS9pRGRJM0pYTmNYYlN2dDRzbWhMSVd5cGtwS0FyRk8ybWF5aVhJL3Y5RXF5dmlCWXZOcTlQMmhjTkdZeWhWMXl1OGNNSURQOVZYZE4zSENNZXZjdFQyWi9uWE41YVVZWjBkS0Eydz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
280677
content-length
0
expires
0
ixmatch.html
js-sec.indexww.com/um/ Frame D415 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
569
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7703e3f87fba90f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 16:09:47 GMT
expires
Sat, 26 Nov 2022 20:09:47 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 1CFC 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 16:09:47 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 967E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 26 Nov 2022 16:09:47 GMT
ETag
"623de86a-cf34"
Expires
Sun, 27 Nov 2022 16:09:49 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 56C2 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4001
CF-Cache-Status
HIT
CF-RAY
7703e3f8ace68ffe-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sat, 26 Nov 2022 16:09:47 GMT
Expires
Sat, 26 Nov 2022 17:09:47 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
eFdVC5ME9w7heZqQq3vIA9nDLj8lyPtERWwWiUp8NE5UBeBpPEQob0tJ4Zjgi6FXxJVUYDWGYss=
x-amz-request-id
36Y7SPJBNDM635FH
async_usersync.html
acdn.adnxs.com/dmp/ Frame EA97 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 26 Nov 2022 16:09:47 GMT
ETag
"623de86a-cf34"
Expires
Sun, 27 Nov 2022 16:09:49 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame DFC9 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 26 Nov 2022 16:09:47 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 52E3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd201221.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://ibyt.in/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
569
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
7703e3f87fc090f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 26 Nov 2022 16:09:47 GMT
expires
Sat, 26 Nov 2022 20:09:47 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 8576 		1 KB
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67167647879a14baa767ecbfd4c07c22a8b008aff2df0f3e14245c68f0ca1384

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7703e3f979b4bba7-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Nov 2022 16:09:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weI7k4XlI7EZJBt2AWoxOROpkLeOR2petZ4zlMnbURzo5dISZSUudCLTFQT%2FbUMyrhskeLzKDD8Q5qnw9Wu9eVhwiIZSoae5G7%2FK%2FkpkralGIUDX25687rrwLJkgHleRctfN%2FIi8s5j%2FFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame AE39 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e802a74fef4730d838f070a28bf7ea7bb002adafbab7fbcbff3997781d29805

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7703e3f979b8bba7-FRA
content-encoding
br
content-type
text/html
date
Sat, 26 Nov 2022 16:09:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRwl%2BKDRlC0u0MqOcVqqW1JsJl%2FqIYgMG1P2Qn6ukCu2%2FCh2GPRUp1XRXznncvtNaJf1Oa35jaEYrdMjjYzdhNvPxHBoKe1FCbvBmavgXQqsGSITINIdaNowGkFduJaMaZ5%2BRPsdbPgRGA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame EA97 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:47 GMT
AN-X-Request-Uuid
19e4890f-38ae-4208-a526-00add134161f
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 967E 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:47 GMT
AN-X-Request-Uuid
caef1b5f-5c9b-44e5-af00-d7ece85cd62a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame AE39
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8CX7063KW4DCS3BZT01F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WQ4MHJVBEFH54P97G9H5
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame AE39
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPs1nyWC7Sd_dbR5pDACfFI&google_cver=1
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPs1nyWC7Sd_dbR5pDACfFI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvEOjt1bRo5u5kbCnUkjRIkJD4RDRt4nB5Ogh6UXztBCfLcGakb%2FklKp2MjqAVRE6y1L3MgBtm1iFrezpDcD%2BvVK3ehFkdbcOxytWbmK8grGsKyzsdteHxIah6S5JO%2B4wBmqIitAMqisUg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7703e3faafda91f3-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEPs1nyWC7Sd_dbR5pDACfFI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame AE39 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 26 Nov 2022 16:09:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame AE39
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5324135977184355499
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5324135977184355499
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:47 GMT
AN-X-Request-Uuid
cd867244-1cdb-4ad8-8dcb-62adef7d380a
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5324135977184355499
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame AE39
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Sat, 26 Nov 2022 16:09:47 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
crum
dsum-sec.casalemedia.com/ Frame AE39
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7b90f15-b8dd-434a-9cca-ee682951f847
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7b90f15-b8dd-434a-9cca-ee682951f847
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=e7b90f15-b8dd-434a-9cca-ee682951f847
date
Sat, 26 Nov 2022 16:09:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
rum
dsum-sec.casalemedia.com/ Frame AE39
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=SHOl7k0hqb5TJf_sTiWw6kkipelTc63rG3VYICfz
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=SHOl7k0hqb5TJf_sTiWw6kkipelTc63rG3VYICfz
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=SHOl7k0hqb5TJf_sTiWw6kkipelTc63rG3VYICfz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ix
ad4m.at/ad/sim/ Frame AE39 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
htw-pixel.gif
cdn.indexww.com/ht/ Frame AE39 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4I6SChWWlb1ql6pC71CxQAA%265147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63477
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7703e3fabe97906d-FRA
content-length
43
expires
Sun, 27 Nov 2022 16:09:47 GMT
Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8576 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8576
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2a05:d018:d29:3601:aea4:a386:c0ef:3243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y4I6SChWWlb1ql6pC71CxQAAFBsAAAIB
date
Sat, 26 Nov 2022 16:09:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ie
match.prod.bidr.io/cookie-sync/ Frame 8576 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.195.231.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-195-231-201.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8576
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3210463133588474598
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3210463133588474598
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3210463133588474598
pragma
no-cache
date
Sat, 26 Nov 2022 16:09:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp_out
d.adroll.com/cm/index/ Frame 8576 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:cc3:fe05:d0c0:37ca:a712:bca6 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:48 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.0
content-length
42
vary
Cookie
content-type
image/gif
bridge
cm.adgrx.com/ Frame 8576 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 26 Nov 2022 16:09:48 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ix
ad4m.at/ad/sim/ Frame 8576 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 8576
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]
date
Sat, 26 Nov 2022 16:09:48 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8576 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y4I6SChWWlb1ql6pC71CxQAA%265147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fibyt.in%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 16:09:47 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
63477
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7703e3fabe9e906d-FRA
content-length
43
expires
Sun, 27 Nov 2022 16:09:47 GMT
async_usersync
ib.adnxs.com/ Frame EA97 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
AN-X-Request-Uuid
890cad97-35ee-4cc6-ae65-55f437e30d31
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 967E 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 26 Nov 2022 16:09:48 GMT
AN-X-Request-Uuid
c8bdfef4-221e-45b8-a327-b2cab9f94372
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.7.103; 80.255.7.103; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| _wpemojiSettings function| $ function| jQuery object| googletag object| twemoji object| wp string| pb_ibyt.in_320x100_mobile_sticky object| us_ibyt.in_320x100_mobile_sticky object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ADAGIO function| pbjsChunk object| pbjs object| _ADAGIO object| criteo_syncframe_state object| GoogleGcLKhOms object| google_image_requests

28 Cookies

Domain/Path Name / Value
.ibyt.in/ Name: __cf_bm
Value: mzj_fZF6Ewfo9UIA3i82plQeiptTsiICJXNHgXaIOkc-1669478984-0-AQ5i7Ls4+w2hm+N0+ZoeZ1DVz5hpJTBh1JFP9Oq3TG+zmKPEKT2b51laavTpZrljP4Oh6DFCUkn/fEXJwnEPbboTG4fXGJCpzWSqBeteKdJhR06MWsdasxaeeZCW/nJgusXG90qXKvTyZbbf0RwBtPI=
ibyt.in/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.ibyt.in/ Name: _pubcid
Value: 00122032-0dba-4cab-b25a-b2e8cfebaf18
.adnxs.com/ Name: uuid2
Value: 5324135977184355499
ibyt.in/ Name: cto_bidid
Value: -Bds4F9oNldJdU1IJTJCUGpsMGlLekx6eTFxRjZobzFuOGlLYVlEWE95YVBOSks4RzBCQUVVcyUyRjJnWXBRUCUyRktrc1dIJTJGMFZPWXpYR0FzVFZTaVVOM3N5ejdiamh3JTNEJTNE
ibyt.in/ Name: cto_bundle
Value: 92tp_l9ybjlrNjRPOTVsejlKbGFIVm9ybFJ0Sk5NYlFYYVhNVkd0eUFWJTJGQjkyQzVHTEVJSkZOTVE0alB5N3gzc0huamZQZDZLM3FxdXU5QXk3WXRrTGhHYzV0N21pJTJGd1VNdkZ1NjV5VHNUTlFvNEUlM0Q
.casalemedia.com/ Name: CMID
Value: Y4I6SChWWlb1ql6pC71CxQAA
.casalemedia.com/ Name: CMPS
Value: 5147
.casalemedia.com/ Name: CMPRO
Value: 5147
.doubleclick.net/ Name: IDE
Value: AHWqTUkGczoVPQZEO8SAd2spQ_mDqowATdXgeCZg2S346pvZxNct_bSU1Vs6QNX5pnc
prebid-stag.setupad.net/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI1MzI0MTM1OTc3MTg0MzU1NDk5IiwiZXhwaXJlcyI6IjIwMjItMTItMTBUMTY6MDk6NDQuNTI1NDIyMjhaIn0sIml4Ijp7InVpZCI6Ilk0STZTQ2hXV2xiMXFsNnBDNzFDeFFBQVx1MDAyNjUxNDciLCJleHBpcmVzIjoiMjAyMi0xMi0xMFQxNjowOTo0NC44ODM2MzI4MDRaIn19LCJiZGF5IjoiMjAyMi0xMS0yNlQxNjowOTo0NC41MjU0MTM4MTJaIn0=
.turn.com/ Name: uid
Value: 3210463133588474598
.bidswitch.net/ Name: tuuid
Value: e90396b4-4eb7-4691-875a-bcce21f86e51
.bidswitch.net/ Name: c
Value: 1669478984
.bidswitch.net/ Name: tuuid_lu
Value: 1669478984
.criteo.com/ Name: uid
Value: d10385ab-bed3-47d8-9cd8-f9efa22cba87
.ads.avads.net/ Name: av-mid
Value: 2abbba51-442c-4a0b-bfed-40e12361d894
.ads.avads.net/ Name: av-tp-bsw
Value: 1
.openx.net/ Name: i
Value: 69e64349-12ba-42dd-8f98-1818db4d26f2|1669478985
.ibyt.in/ Name: __gads
Value: ID=89b7b065d1a5f6af:T=1669478984:S=ALNI_MZXWe7pdL8rC086daEg0l66skF0bA
.ibyt.in/ Name: __gpi
Value: UID=00000b87b83b6b73:T=1669478984:RT=1669478984:S=ALNI_MY4kb5rfmA6CtdW2OgE4GdqAamHww
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C'!omw3'!]tbPl1M>e)ZlrFUfJ+tGXxoTEUH9b:vrc2Z16YrB)V5vK`_agQ<:7i-LXo^*bpRz*qF1`*b_0E*#!!b
.ibyt.in/ Name: cto_bundle
Value: LDJ6w19ybjlrNjRPOTVsejlKbGFIVm9ybFJzTWNNZzlxcnN2MzhRSXlFZ3FXMmYxRFpuT3JDcGtaYSUyQlFnMkltUkhkJTJCQlJGZ2dQbkxnWm5CQVVnRWY0NXRPdHNNY2xxeXZLNmlUYVFsNG5wQnlZRnp5cUozTFZiR3N5alRpcHZ0UjYlMkJuaHJlS1g5UEZFSlAxR2lWWUpIMk5abGclM0QlM0Q
.quantserve.com/ Name: d
Value: EAkBDQHVJ7jvsQA
.quantserve.com/ Name: mc
Value: 63823a4b-eb00e-67b85-307e5
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~28ig
.yahoo.com/ Name: A3
Value: d=AQABBEs6gmMCEHbXCVhbhfcxyZh7ftjiqBAFEgEBAQGLg2OMYwAAAAAA_eMAAA&S=AQAAAitRfBgl-TYSLpKh-K6t_aU
.casalemedia.com/ Name: CMTS
Value: 2193

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17a34a8f743274f6023d2295acf15bba.safeframe.googlesyndication.com
339227d3fcf5c336c5eda0d6d1d3c262.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avads.net
adservice.google.com
adservice.google.de
adx.adform.net
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
biddr.brealtime.com
bttrack.com
cdn.ergadx.com
cdn.id5-sync.com
cdn.indexww.com
cjss.enewspapr.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
cs.emxdgt.com
d.adroll.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
fe1f5f1f30987ff479db91508066d5ee.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
htlb.casalemedia.com
ib.adnxs.com
ibyt.in
id.sharedid.org
id5-sync.com
invstatic101.creativecdn.com
js-sec.indexww.com
match.adsrvr.org
match.prod.bidr.io
mp.4dex.io
mug.criteo.com
node.setupad.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prebid.a-mo.net
prod.uidapi.com
pubads.g.doubleclick.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
setupad-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
stpd.cloud
sync.adotmob.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
www.google.com
www.googletagservices.com
x.bidswitch.net
104.17.119.107
104.18.33.19
104.18.36.94
13.225.78.47
142.250.185.98
147.75.85.234
159.89.25.223
162.19.138.82
172.217.16.194
172.217.16.198
172.64.154.237
178.250.0.157
18.156.32.70
18.185.169.183
185.183.112.148
185.184.8.90
185.80.39.216
185.89.211.116
192.132.33.46
2001:678:cb4:bbbb::11
23.205.235.133
23.35.236.188
2606:4700:10::6816:3456
2606:4700:20::681a:2e6
2606:4700:20::681a:8b2
2606:4700:20::681a:9a9
2606:4700:20::681a:bd1
2606:4700:3032::ac43:8ad7
2606:4700::6812:1e31
2606:4700::6812:372
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:806::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:827::2006
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
2a02:2638:1::13
2a02:2638:1::3
2a02:2638::24
2a05:d018:cc3:fe05:d0c0:37ca:a712:bca6
2a05:d018:d29:3601:aea4:a386:c0ef:3243
2a06:98c1:3121::3
3.126.56.137
3.132.37.212
34.102.146.192
34.120.107.143
34.95.81.168
34.96.70.87
34.98.64.218
35.190.39.111
35.205.207.25
37.157.3.28
52.223.40.198
52.29.215.78
52.46.143.56
52.49.181.242
54.195.231.201
54.71.217.198
69.173.144.138
69.173.144.165
70.42.32.63
72.251.241.204
96.16.141.156
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
0441f4570db2b6113328586689df17794e034c46c2ecb09c3b1ec95841c6d24e
0553bb739f1686e2e458b4f583ea068710e42e6e676b9e099f00aa56217151c2
07613fef22d2c0b1ec8069e76a1fc488311890f0df8c44997472947f03ab83a6
09729a6f1dae2c6f06ab07121ef230efcc5c996a646f824deb767e7e3c9bc505
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e802a74fef4730d838f070a28bf7ea7bb002adafbab7fbcbff3997781d29805
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1292ba4d41b1720bce8abcf19fa19704cb6d95b0f3c904535972e8746730b009
13545cec095c1bc6dcc3af6ca0920ac82f5be96cb39595675820ce7c7f9153ee
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
2443d4118a9bc848d696d90842b662d58a633c4d65aed9d3dc4c5aa70727d2e8
25b6d3a289e80eec31931959248a9cef5ea6f6d3b7da729d263352c9c4e35781
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2d50b5b8c23d54e1ea0bc7cd6167153a7410f73d0fa5a95b942894d9614b57e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3219f1d97e20926e8434a1e77930f333499d6397f004d9f3304b28dde531e391
3457b3f987722f23c52744418be5651c20ffa901a76cadcab134995584c0327d
3b053227959604d2c3c0945a10c2b406dfe1b1ca24108448b1722e888d6faf3f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401da408a5a1a08101e44af35f3b89c5aa18a7062317bce76b6ffa9fcd258929
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49930f364eda6d795fa66a38cd5dbd521983ad2814698262da8bdece001d1173
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9ea8676ab5de60fe288abff3a09ff53998876c1f5fbe4e610f44e442af617e
4dd873568d7764066c3958f0a7406285f81eb20fb607916af713cfce489ea04e
4f5083c8eb8bc90cd7ba3358c406ddb6e8c6bb989b014ac7521f09e7e28946ca
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54698009b27b1e9ec2a2d106ff6c1e082ebec40086be91a73c5cf3338e80b0fd
547b1daa4e83d8991d42146ccd89ebff99d2c89f072623d13218c3392541188b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c655e485bf430042e2ecbe6bf04447425cc9717fa3c7039be3e22a9437b246
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5733ae1deefd76f002f873d813dcb95334490adf102d4ad33f7905da607c2bcd
58171b988255633696c0ad836249a7b0dde4ab005b8e951770bdc25fb3dd08fe
5867306246bce7f6894f17fd7bfadbf448e1f554facecc2831793a090a5c08c0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61b87301b4f479123e270aeff5af4cf03da0c254045fa6d58161c46dcec32793
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66a8dfcc4572e000bf5b4351bae2a763b3357a65ed373ff27a7e7b38ec9486ae
67167647879a14baa767ecbfd4c07c22a8b008aff2df0f3e14245c68f0ca1384
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d3190617c56f16492c6b990d538fdae11393678a616c6e85845d02c67cf871d
7148c8ec7647215b4a14ba2b52fca40a8f8efe198e6d363f402c1d1b4f94ee00
74fbad0a99c0ed1c0c09f7a4dbf73b52d1d2590a8bb088a6ae5ed255e7d75f3a
76424452f8e1eb0bc7fb20f6d7fa0dcaea480d7152a74756c01e816a663c3aa1
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9123daaf45175206736fd670ab3b1b8550fd46cd39235ee82492ce252ad3dabd
94bee3b57568569343c778c23e36d39c861a88e3ccf04dc78472d9f041f222fa
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
99cc10726edb5eae68583a83f5488800d81162d4ea8af3006a21da12214a326f
9bdf97b0b9f407b3db28d1e7540070425a68d18e65c6a480abaf7665cc03849e
9e3558b0e96fbe0efb2daadbf74dc44d914ac0a0423b66f81f0a4201c3b241ea
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a11a708a9d18dd88a470d3c812cc4067a7bc93bbb9f906cba95a589c058966c0
a2881265c87c20a765de669d704a949494bba5ebf5c01bc5f3b1f07db70cab95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a65a90d45e96a839c51c415245fdd88b0bebcdf8b4dc7faafd4d914b82cde215
a97afd769b3d774563606be9e943789398af5a1bf3583c2bc9a81f99832aa2b2
ac933c2c6348a78c0fc53c09facb32579b18c17d22afae67d0af291c7e3b1c94
acb8fd7a58e38293d6d1ffc12285393889edcd5a8c1e99839b911c3fbf1cbaba
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
af11162485b12441e518a282f59395d411ac1518a569c710b91dfc8bec1f1b9f
b12e35c0f7f1219bc6fc0c5843f10412d1e91c409a8700da0c926e3283df1463
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c6a13df2fa2f0e99384ac1fde844d3ff6338971fbabcb9ec95194cf5b99ce2
b27c3baf6add94c45284b1b40900b7d00828dab12a5abfaf82a35c7b6bcad0ca
b698e06e3a361f545fa34ec367ff3f5b5713c1b49852084c4beb581f04943bf9
b8e64f656ab17cca541c2cedc0711657661cc96758750fff8400884c6239bc34
bd5d03b8b981571b0940a874aeada65ae3da165b9b465dcf97689dfde7c115ba
be06ffb2cd06a02216ca9a5e16cecf8009507b74105774aedd0617ddaa8b8cbf
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c549c11d4f03a4a41d0badfd2fec57bab1f1dd0a15c6f79843976042ba99b195
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d384e7e41b82cb578964bead5c6774f433306485ac5cf75b6c3fa0ededbb5302
d9266875371174740380051b1d4a6f20a124977394cec9855070b1f237e8f26a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e38f0cc75eb564053128e3b32d4bae98fe8cdcdb57647ab7afbecd2600928ff0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9b1dfc24fbc61fb6b0482b4bef597cd3291072a662e7c173949a3e8ffd58d
e3fe3edff39be8fdcb0d19b6cda5deffb4ae75c3e8605c14a9113eec57da555b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb1b995f7eeed1cc8cb535f9bf9b358464bc3b27fe9505a8e9e72205006ea741
ebf28361993caa17abd120b62c51fb50e5c880792f47eae2d03c1855455622c7
eca99ecb66f510813b45339186b0988965454c1581d757257c41044bf38b5ba2
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eded37b94340e1cfd571d4d7bc6f13b31a221dc6c39f175249a46ce71b849522
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066a6392f3732829e95d97ac2a3dfb7dc7d35fc88d71a4ef62ff8f70399326c
f0a8b3679ef4fd71d156628b21be99f87d0703d53da7b0a1a245f33dd996364b
f14bc3b3919df8b5810b201eec78fb900f3da72bee0fd422abc0e4913f7c3e6f
f57cf725ac157cef90c885104f773f321b738e6bae730c0f8a4275d74ae406d9
fc6ec2e00d176abcceaf82c19bfbe79fa952a69ded0c0a3dfee6011499487348
fe12320e03842b8847060d071ac10a5f16d8e1640a5c755538d433ca31ade473