URL: https://195.82.109.168/
Submission: On January 09 via manual from IL — Scanned from DE

Summary

This website contacted 19 IPs in 5 countries across 11 domains to perform 47 HTTP transactions. The main IP is 195.82.109.168, located in London, United Kingdom and belongs to XGLOBE-199391, IL. The main domain is 195.82.109.168.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 21st 2020. Valid for: 2 years.
This is the only time 195.82.109.168 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
6 | doubleclick.net | 11442924.fls.doubleclick.net; stats.g.doubleclick.net (Cisco Umbrella Rank: 179); googleads.g.doubleclick.net (Cisco Umbrella Rank: 64) | 3 KB
6 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 103) | 22 KB
5 | bing.com | bat.bing.com (Cisco Umbrella Rank: 619) | 12 KB
4 | taboola.com | cdn.taboola.com (Cisco Umbrella Rank: 1016); trc.taboola.com (Cisco Umbrella Rank: 842); trc-events.taboola.com (Cisco Umbrella Rank: 1350) | 20 KB
4 | google.de | www.google.de (Cisco Umbrella Rank: 3658); adservice.google.de (Cisco Umbrella Rank: 5450) | 1 KB
4 | google.com | www.google.com (Cisco Umbrella Rank: 16); adservice.google.com (Cisco Umbrella Rank: 142) | 2 KB
4 | avatrade.io | analytics-cdn.avatrade.io; analytics.avatrade.io | 28 KB
3 | outbrain.com | amplify.outbrain.com (Cisco Umbrella Rank: 3147); tr.outbrain.com (Cisco Umbrella Rank: 2925) | 6 KB
2 | facebook.net | connect.facebook.net (Cisco Umbrella Rank: 173) | 36 KB
1 | facebook.com | www.facebook.com (Cisco Umbrella Rank: 107) | 185 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 123) | 124 KB
47 11
Requests | Domain | Requested by
6 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
5 | bat.bing.com | www.googletagmanager.com; bat.bing.com
4 | 11442924.fls.doubleclick.net (2 redirects) | www.googletagmanager.com
2 | trc.taboola.com | cdn.taboola.com; 195.82.109.168
2 | connect.facebook.net | 195.82.109.168; connect.facebook.net
2 | adservice.google.de | adservice.google.com
2 | adservice.google.com | 11442924.fls.doubleclick.net
2 | www.google.de | 195.82.109.168
2 | www.google.com | 195.82.109.168
2 | analytics.avatrade.io | analytics-cdn.avatrade.io
2 | tr.outbrain.com | amplify.outbrain.com; 195.82.109.168
2 | analytics-cdn.avatrade.io | 195.82.109.168; analytics-cdn.avatrade.io
1 | trc-events.taboola.com | 195.82.109.168
1 | www.facebook.com |
1 | cdn.taboola.com | 195.82.109.168
1 | googleads.g.doubleclick.net | www.googletagmanager.com
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | amplify.outbrain.com | www.googletagmanager.com
1 | www.googletagmanager.com | 195.82.109.168
47 19

This site contains no links.

Subject | Issuer | Validity | Valid
avatrade.com | Sectigo RSA Domain Validation Secure Server CA | 2020-07-21 - 2022-07-28 | 2 years
analytics.avatrade.io | Sectigo RSA Domain Validation Secure Server CA | 2022-04-25 - 2023-05-25 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.bing.com | Microsoft RSA TLS CA 02 | 2022-11-25 - 2023-05-25 | 6 months
*.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.outbrain.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-04-03 - 2023-04-04 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-19 - 2023-01-17 | 3 months
*.taboola.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-12-08 - 2023-12-31 | a year

This page contains 8 frames:

Primary Page: https://195.82.109.168/
Frame ID: 2BFBCA30E6C44811B9B2E54DA7556C45
Requests: 39 HTTP requests in this frame

Frame: https://analytics-cdn.avatrade.io/analytics/57/iframe_track.html
Frame ID: 5708721B864C246A1BC2FBB30918F21E
Requests: 1 HTTP requests in this frame

Frame: https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: CAF9B017A5944D9CCCD8F84B36BD43EF
Requests: 1 HTTP requests in this frame

Frame: https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: 468BBD12BA4F789F9033277952A28004
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: 1CB8942880A4ED4BFB567F3A2F8B1143
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: B456786BBA31777286BD07C52CC68577
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: 6BC97EA06B3F26C05A2C5C57ADF5B741
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Frame ID: 477A5AF505940CB3C10F2FC60B16F964
Requests: 1 HTTP requests in this frame

Page Title

Ava-trade

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

47
Requests

81 %
HTTPS

63 %
IPv6

11
Domains

19
Subdomains

19
IPs

5
Countries

6650 kB
Transfer

7222 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://11442924.fls.doubleclick.net/activityi;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F HTTP 302
  • https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Request Chain 12
  • https://11442924.fls.doubleclick.net/activityi;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F HTTP 302
  • https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F

47 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
195.82.109.168/
4 KB
4 KB
Document
General
Full URL
https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
5d9df8fa7e2505a9073970cbde0a5a0effc26fbd4c8b0fc410cb53ab514e6666

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Length
4228
Content-Type
text/html
Date
Mon, 09 Jan 2023 21:32:58 GMT
ETag
"638a1c2a-1084"
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
script.js
analytics-cdn.avatrade.io/analytics/57/
19 KB
19 KB
Script
General
Full URL
https://analytics-cdn.avatrade.io/analytics/57/script.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c400:3:94da:5580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
bbd9945c3faaef1e6098972c176e5081aeb0045b5b5e3629e32ac230bd6b1a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 21:08:44 GMT
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
server
nginx/1.22.0
x-amz-cf-pop
FRA53-C1
age
1454
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
x-cache
Hit from cloudfront
cache-control
max-age=6000
access-control-allow-credentials
true
x-websiteheader
adserver
content-length
19515
x-amz-cf-id
oks2T5fwHfoYc4HOPBbauf92DbiLEXU3UkKDMfeLulAUg75se5qEiQ==
start-scripts.js
195.82.109.168/
364 B
615 B
Script
General
Full URL
https://195.82.109.168/start-scripts.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
be1293ab0ac4eec892b1053daccc8b192cbe05a42ca3146fed64530e45cd6e92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Last-Modified
Fri, 02 Dec 2022 15:36:16 GMT
Server
nginx/1.19.6
ETag
"638a1b70-16c"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
364
2.19ab8d8b.chunk.css
195.82.109.168/static/css/
123 KB
123 KB
Stylesheet
General
Full URL
https://195.82.109.168/static/css/2.19ab8d8b.chunk.css
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
f30cdda5b1f5deb4003e2687e9c22fd32885a92a88dba64dcfd6819937379941

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
ETag
"638a1c2a-1eae8"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
125672
main.87df52bc.chunk.css
195.82.109.168/static/css/
234 KB
234 KB
Stylesheet
General
Full URL
https://195.82.109.168/static/css/main.87df52bc.chunk.css
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
3b06aad05fed8940526c292b1183b11b6316206596276721e5d359f5e4b13480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
ETag
"638a1c2a-3a6e9"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
239337
2.d2b5ce3e.chunk.js
195.82.109.168/static/js/
3 MB
3 MB
Script
General
Full URL
https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
845e2d0c574051a948d642642ccf5bf0c19b4d8cc9fe3cd321b45f68056529be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
ETag
"638a1c2a-3637ab"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3553195
main.2163115a.chunk.js
195.82.109.168/static/js/
2 MB
2 MB
Script
General
Full URL
https://195.82.109.168/static/js/main.2163115a.chunk.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
60e630a1486b3558f557fe426ee67c836859b86c5619932efdab8af83a8e8b8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
ETag
"638a1c2a-27e1ed"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2613741
gtm.js
www.googletagmanager.com/
493 KB
124 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a51fc272cd81c81ae5618a0cb7af29ab808aae96dbee7959d7357c5507c27563
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 21:32:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126862
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 09 Jan 2023 21:32:58 GMT
iframe_track.html
analytics-cdn.avatrade.io/analytics/57/ Frame 5708
1 KB
2 KB
Document
General
Full URL
https://analytics-cdn.avatrade.io/analytics/57/iframe_track.html
Requested by
Host: analytics-cdn.avatrade.io
URL: https://analytics-cdn.avatrade.io/analytics/57/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:c400:3:94da:5580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
a818a79a151db010ba8970d5139f232b974e296cf4603cda896b78743d0a78ab

Request headers

Referer
https://195.82.109.168/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
age
5037
cache-control
max-age=6000
content-length
1346
content-type
text/html
date
Mon, 09 Jan 2023 20:09:01 GMT
server
nginx/1.22.0
via
1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-id
GCRzRqoqHw_d6BWBtQNojFUYwX-LxRngdLm7Kmmt73P9A-_btHtwKg==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-websiteheader
adserver
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 09 Jan 2023 19:50:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 09 Jan 2023 21:50:37 GMT
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 09 Jan 2023 21:32:57 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0E3534295D5A4A599409DAC88B66A422 Ref B: FRAEDGE1812 Ref C: 2023-01-09T21:32:58Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
11442924.fls.doubleclick.net/ Frame CAF9
Redirect Chain
  • https://11442924.fls.doubleclick.net/activityi;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F?
  • https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F19...
480 B
282 B
Document
General
Full URL
https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
aaa138e2b92ae1418f63bc32db0bcfd884416820414bea27eb14cd13b6e2d4ad
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://195.82.109.168/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
257
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
obtp.js
amplify.outbrain.com/cp/
16 KB
6 KB
Script
General
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1ccdc085b5be138822c5352d11f93edad63feaf4a7cbcac15314705a863492e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Nov 2022 14:22:05 GMT
Server
AkamaiNetStorage
ETag
"fe80c55f1e1387116ff9765261ed192c:1669645506.686439"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5269
Expires
Mon, 09 Jan 2023 21:52:58 GMT
activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.16...
11442924.fls.doubleclick.net/ Frame 468B
Redirect Chain
  • https://11442924.fls.doubleclick.net/activityi;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109...
  • https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefi...
506 B
306 B
Document
General
Full URL
https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
a621ea73888a2e18dc7dec0c3e5b39888a6f631cba82fa936edccbfee6091c68
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://195.82.109.168/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
281
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cachedClickId
tr.outbrain.com/
35 B
194 B
Script
General
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002ab3e6ddb3817e1fa84118a5c56256f1
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.127 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:59 GMT
X-TraceId
bff643442029e6e3e1c37e5feef41114
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/
53 B
225 B
Image
General
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=002ab3e6ddb3817e1fa84118a5c56256f1&apiObjVersion=2.0-gtm&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2F195.82.109.168%2F&optOut=false&bust=04557837221408738&referrer=
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.127 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:32:59 GMT
Cache-Control
no-cache
X-TraceId
46f7506407c78522a2186dd6bc7ef0d3
Content-Length
53
Content-Type
image/gif;
5065428.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5065428.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 09 Jan 2023 21:32:57 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 89FEEB4F4B86430BBE9940931ECA4C04 Ref B: FRAEDGE1812 Ref C: 2023-01-09T21:32:58Z
x-cache
CONFIG_NOCACHE
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 20:54:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2309
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 09 Jan 2023 21:54:29 GMT
track_re
analytics.avatrade.io/
7 KB
7 KB
Fetch
General
Full URL
https://analytics.avatrade.io/track_re
Requested by
Host: analytics-cdn.avatrade.io
URL: https://analytics-cdn.avatrade.io/analytics/57/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.27.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-27-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
b3031bdd5d57d1ed118e66c5f1663902fc59053256caa218ef191d685dd9273f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 09 Jan 2023 21:32:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.22.0
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://195.82.109.168
access-control-allow-credentials
true
x-websiteheader
adserver
content-length
6948
track_re
analytics.avatrade.io/ Frame
0
0
Preflight
General
Full URL
https://analytics.avatrade.io/track_re
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.27.108 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-27-108.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://195.82.109.168
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
access-control-allow-methods
OPTIONS
access-control-allow-origin
https://195.82.109.168
content-length
0
content-type
text/plain
date
Mon, 09 Jan 2023 21:32:59 GMT
server
nginx/1.22.0
strict-transport-security
max-age=31536000; includeSubDomains
collect
www.google-analytics.com/
35 B
240 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:32:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://195.82.109.168
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
441 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-29411375-25&cid=551541594.1673299979&jid=1448960207&gjid=1127412979&_gid=1377057385.1673299979&_u=aGBAgUAjAAAAAEAEK~&z=746426738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 09 Jan 2023 21:32:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://195.82.109.168
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
100 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:32:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://195.82.109.168
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-29411375-25&cid=551541594.1673299979&jid=1448960207&_u=aGBAgUAjAAAAAEAEK~&z=237546691
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:32:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-29411375-25&cid=551541594.1673299979&jid=1448960207&_u=aGBAgUAjAAAAAEAEK~&z=237546691
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:32:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
adservice.google.com/ddm/fls/i/ Frame 1CB8
479 B
327 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Requested by
Host: 11442924.fls.doubleclick.net
URL: https://11442924.fls.doubleclick.net/activityi;dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba6fb42e0f0b38a72db7b6b772ef29a9f52a49b0c9c04070e344a4d5eee91efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11442924.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
257
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
adservice.google.com/ddm/fls/i/ Frame B456
505 B
748 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Requested by
Host: 11442924.fls.doubleclick.net
URL: https://11442924.fls.doubleclick.net/activityi;dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d2e93987b5290b84734d98a7387d58b27cd31a84534813938f62db4e361c65c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://11442924.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
281
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
adservice.google.de/ddm/fls/i/ Frame 6BC9
194 B
776 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO3K3Ja4u_wCFTdCHgIdZuoKOg;src=11442924;type=avatr0;cat=webvi0;ord=9992901506912;gtm=2wg120;auiddc=2076571475.1673299979;u4=undefined;u5=undefined;~oref=https%3A%2F%2F195.82.109.168%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:59 GMT
expires
Mon, 09 Jan 2023 21:32:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
adservice.google.de/ddm/fls/i/ Frame 477A
194 B
150 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMvH3Ja4u_wCFctKHgIdqjMPIA;src=11442924;type=campa0;cat=campa0;ord=7318872711109;gtm=2wg120;auiddc=2076571475.1673299979;~oref=https%3A%2F%2F195.82.109.168%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 09 Jan 2023 21:32:59 GMT
expires
Mon, 09 Jan 2023 21:32:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
check
195.82.109.168/api/auth/
559 B
716 B
Fetch
General
Full URL
https://195.82.109.168/api/auth/check
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
35ca1c8f546f5d17af18d474353b8f271b0fd72cca186588b066463e6736ba87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:33:00 GMT
Server
nginx/1.19.6
Connection
keep-alive
Content-Length
559
Content-Type
text/html
0
bat.bing.com/actionp/
0
175 B
Ping
General
Full URL
https://bat.bing.com/actionp/0?ti=5065428&tm=gtm002&Ver=2&mid=50e0fa4c-7e17-4cad-9584-e32e413ad462&sid=30a89e20906511ed97b9e394778f71cc&vid=30a8bf80906511ed86fdc783b8f7a363&vids=1&msclkid=N&evt=pageHide
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 21:32:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: F3C31F78486644B7A62EF249CFF01410 Ref B: FRAEDGE1812 Ref C: 2023-01-09T21:33:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
120 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5065428&tm=gtm002&Ver=2&mid=50e0fa4c-7e17-4cad-9584-e32e413ad462&sid=30a89e20906511ed97b9e394778f71cc&vid=30a8bf80906511ed86fdc783b8f7a363&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ava-trade&p=https%3A%2F%2F195.82.109.168%2F&r=&lt=1919&evt=pageLoad&sv=1&rn=152463
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 21:32:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BA69D07E44D84F32A8D4848CD55BF92B Ref B: FRAEDGE1812 Ref C: 2023-01-09T21:33:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
119 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5065428&tm=gtm002&Ver=2&mid=7dd79f98-8703-41b1-86dd-2914e4a7916b&sid=30a89e20906511ed97b9e394778f71cc&vid=30a8bf80906511ed86fdc783b8f7a363&vids=0&msclkid=N&page_path=%2F&spa=Y&p=https%3A%2F%2F195.82.109.168%2F&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Ava-trade&r=https%3A%2F%2F195.82.109.168%2F&evt=pageLoad&sv=1&rn=31880
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 09 Jan 2023 21:32:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: AD3CD18252DC4007A03776130819C32E Ref B: FRAEDGE1812 Ref C: 2023-01-09T21:33:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/949429976/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/949429976/?random=1673299980086&cv=11&fst=1673299980086&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2F195.82.109.168%2F&tiba=Ava-trade&auid=2076571475.1673299979&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLRBJ5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57a1bf0c9743ef80838d8ebb10033260f7133b20a767ea4534f53a4647ee969b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
105 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Jan 2023 21:33:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27613
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
OoAo6gy8op4krhcoX01SlSeBUFPsqkv6VfPBNe02W2mUy084CN1wK94Yf75/2uffHMWU+LqV0wvxhWxzUDnZOg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1416992/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1416992/tfa.js
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e67064d75a7036ae0bf167f455f6b09f047056f2e60430c8744b167d72fdc317

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ILWV5mCHPIc7FYuy.wRd2iHU51QaAcjc
content-encoding
gzip
via
1.1 varnish
date
Mon, 09 Jan 2023 21:33:00 GMT
x-amz-request-id
W5210974G9025NDY
age
10
x-cache
HIT
x-amz-replication-status
PENDING
content-length
18340
x-amz-id-2
g/MpmML9yh/OlPL2+0MAEn4FzDeBh7avCXpVMRnDX+oAxwLkG6pwNhcf00uRYp+TZmaEVS3SCxs=
x-served-by
cache-fra-eddf8230078-FRA
last-modified
Sun, 08 Jan 2023 12:05:11 GMT
server
AmazonS3
x-timer
S1673299980.125802,VS0,VE1
etag
"ac47cf2d0e23b296b6dfd9f9981ba255"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
7
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://195.82.109.168
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Ping
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://195.82.109.168/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://195.82.109.168
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
connector
195.82.109.168/client/
559 B
716 B
XHR
General
Full URL
https://195.82.109.168/client/connector?X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=2.3.8-javascript&X-Atmosphere-Transport=streaming&X-Atmosphere-TrackMessageSize=true&X-atmo-protocol=true&sessionState=dx-new&_=1673299980120
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
35ca1c8f546f5d17af18d474353b8f271b0fd72cca186588b066463e6736ba87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:33:00 GMT
Server
nginx/1.19.6
Connection
keep-alive
Content-Length
559
Content-Type
text/html
opensans-regular.4124088f.woff2
195.82.109.168/static/media/
10 KB
10 KB
Font
General
Full URL
https://195.82.109.168/static/media/opensans-regular.4124088f.woff2
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/static/css/main.87df52bc.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.82.109.168 London, United Kingdom, ASN199391 (XGLOBE-199391, IL),
Reverse DNS
Software
nginx/1.19.6 /
Resource Hash
732d5765c33eff81c7825dcc5e8cd1eda32dc04f39da7cae66accf9580b1e3a7

Request headers

Referer
https://195.82.109.168/static/css/main.87df52bc.chunk.css
Origin
https://195.82.109.168
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Mon, 09 Jan 2023 21:33:00 GMT
Last-Modified
Fri, 02 Dec 2022 15:39:22 GMT
Server
nginx/1.19.6
ETag
"638a1c2a-2870"
Content-Type
font/woff2
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10352
json
trc.taboola.com/1416992/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1416992/trc/3/json?tim=1673299980144&data=%7B%22id%22%3A360%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1673299980138%2C%22cv%22%3A%2220230108-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2F195.82.109.168%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Davatradeltd-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22item-url%22%3A%22https%3A%2F%2F195.82.109.168%2F%22%2C%22tim%22%3A1673299980144%2C%22ref%22%3Anull%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1416992/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c6278d59e1e19bc12f63279002dd29287f89e09a2f94ff1ac2c48f501436623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Mon, 09 Jan 2023 21:33:00 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230078-FRA
server
nginx
x-timer
S1673299980.172741,VS0,VE15
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
136436216770158
connect.facebook.net/signals/config/
32 KB
8 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/136436216770158?v=2.9.91&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2cfbb597c6e6afbfbdf51f8ca11d42f69aa90b73dd5afac6010d6aef1126c675
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 09 Jan 2023 21:33:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
Q2e5j9aJjUH/a15Npvx/ZFax7aBTJbWlCLiQ9xkwsSGwhCu1fvcTIEgtubrEyogVCiaZNUHYXHeW26h/5JTFUA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
unip
trc.taboola.com/1416992/log/3/
0
104 B
XHR
General
Full URL
https://trc.taboola.com/1416992/log/3/unip?en=page_view&item-url=https%3A%2F%2F195.82.109.168%2F&tim=1673299980144&ref=null&cv=20230108-3-RELEASE&tos=55&ssd=1&scd=0&vi=1673299980138&ri=e7f579ff51f2573caf1596a76dae709a
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230078-FRA
server
nginx
x-timer
S1673299980.198312,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://195.82.109.168
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/949429976/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/949429976/?random=1673299980086&cv=11&fst=1673298000000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F195.82.109.168%2F&tiba=Ava-trade&fmt=3&is_vtc=1&random=2719311409&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/949429976/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/949429976/?random=1673299980086&cv=11&fst=1673298000000&bg=ffffff&guid=ON&async=1&gtm=2wg120&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2F195.82.109.168%2F&tiba=Ava-trade&fmt=3&is_vtc=1&random=2719311409&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:803::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jan 2023 21:33:00 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=136436216770158&ev=PageView&dl=https%3A%2F%2F195.82.109.168%2F&rl=&if=false&ts=1673299980494&sw=1600&sh=1200&v=2.9.91&r=stable&ec=0&o=28&fbp=fb.3.1673299980493.1170400193&it=1673299980167&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 09 Jan 2023 21:33:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
unip
trc-events.taboola.com/1416992/log/3/
0
246 B
XHR
General
Full URL
https://trc-events.taboola.com/1416992/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1673299980141&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1673299981694&vi=1673299980138&ri=e7f579ff51f2573caf1596a76dae709a&ref=null&cv=20230108-3-RELEASE&item-url=https%3A%2F%2F195.82.109.168%2F
Requested by
Host: 195.82.109.168
URL: https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.230.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://195.82.109.168/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://195.82.109.168
pragma
no-cache
date
Mon, 09 Jan 2023 21:33:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontentvisibilityautostatechange object| dataLayer function| sbidLocalStorageEnabled object| vimeoVids undefined| vimeoScript object| youtubeVids undefined| youtubeScript undefined| player undefined| currentVid undefined| firstScriptTag function| vimeo_listeners function| onYouTubeIframeAPIReady undefined| onPlayerReady undefined| onPlayerStateChange object| sbidTrackingTempSettings object| sbidTracking object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| webpackJsonpava-web string| GoogleAnalyticsObject function| ga function| obApi function| UET function| UET_init function| UET_push object| ueto_62608c9607 object| uetq object| gaplugins object| gaGlobal object| gaData object| $myava function| _UA-29411375-25_originalSendTask object| __SENTRY__ object| chart function| setImmediate function| clearImmediate object| GooglebQhCsO function| fbq function| _fbq object| _tfa function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError

10 Cookies

Domain/Path Name / Value
195.82.109.168/ Name: _gcl_au
Value: 1.1.2076571475.1673299979
.bing.com/ Name: MUID
Value: 2BAF863065686CB220A394A464686D88
195.82.109.168/ Name: _ga
Value: GA1.1.551541594.1673299979
195.82.109.168/ Name: _gid
Value: GA1.1.1377057385.1673299979
195.82.109.168/ Name: _dc_gtm_UA-29411375-25
Value: 1
195.82.109.168/ Name: outbrain_cid_fetch
Value: true
195.82.109.168/ Name: _uetsid
Value: 30a89e20906511ed97b9e394778f71cc
195.82.109.168/ Name: _uetvid
Value: 30a8bf80906511ed86fdc783b8f7a363
.doubleclick.net/ Name: IDE
Value: AHWqTUm5LZIfYqhYEtAt9rr2jLdEukhzLAgenExYwlrotOoJAqAJe7kn5SHD7t0Y
195.82.109.168/ Name: _fbp
Value: fb.3.1673299980493.1170400193

3 Console Messages

Source Level URL
Text
network error URL: https://195.82.109.168/api/auth/check
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network error URL: https://195.82.109.168/static/js/2.d2b5ce3e.chunk.js(Line 1)
Message:
WebSocket connection to 'wss://195.82.109.168/client/connector?X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=2.3.8-javascript&X-Atmosphere-Transport=websocket&X-Atmosphere-TrackMessageSize=true&X-atmo-protocol=true&sessionState=dx-new' failed: Error during WebSocket handshake: Unexpected response code: 502
network error URL: https://195.82.109.168/client/connector?X-Atmosphere-tracking-id=0&X-Atmosphere-Framework=2.3.8-javascript&X-Atmosphere-Transport=streaming&X-Atmosphere-TrackMessageSize=true&X-atmo-protocol=true&sessionState=dx-new&_=1673299980120
Message:
Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
