urlscan.io logo urlscan.io
SecurityTrails logo

elgoog.im Open in urlscan Pro
2606:4700:e6::ac40:c71d  Public Scan

Go To Rescan Add Verdict Report
URL: https://elgoog.im/doabarrelroll/
Submission Tags: falconsandbox
Submission: On September 02 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 4 countries across 14 domains to perform 70 HTTP transactions. The main IP is 2606:4700:e6::ac40:c71d, located in United States and belongs to CLOUDFLARENET, US. The main domain is elgoog.im. The Cisco Umbrella rank of the primary domain is 153820.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 28th 2021. Valid for: a year.
This is the only time elgoog.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    2606:4700:e6::ac40:c71d (United States)

ASN13335 (CLOUDFLARENET, US)
elgoog.im
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
20    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
2    13.32.121.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-37.fra60.r.cloudfront.net
sb.scorecardresearch.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2600:1f18:612b:4216:319:ee2:5022:1df1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
5    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
Apex Domain
Subdomains		 Transfer
26 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 971
trc.taboola.com — Cisco Umbrella Rank: 705
vidstat.taboola.com — Cisco Umbrella Rank: 2376
images.taboola.com — Cisco Umbrella Rank: 1704
imprammp.taboola.com — Cisco Umbrella Rank: 13248
am-match.taboola.com — Cisco Umbrella Rank: 13000
wf.taboola.com — Cisco Umbrella Rank: 2542
am-vid-events.taboola.com — Cisco Umbrella Rank: 12269
sync-t1.taboola.com — Cisco Umbrella Rank: 1253
vidstatb.taboola.com — Cisco Umbrella Rank: 4320
2 MB
24 elgoog.im
elgoog.im — Cisco Umbrella Rank: 153820
77 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 526
3 KB
3 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3196
547 B
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 336
793 B
3 gstatic.com
fonts.gstatic.com
52 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 152
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
20 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 384
41 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6487
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
437 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
0 addthis.com Failed
s7.addthis.com Failed
70 14
Domain Requested by
24 elgoog.im elgoog.im
5 sync.search.spotxchange.com 5 redirects
5 cdn.taboola.com elgoog.im
cdn.taboola.com
4 images.taboola.com
4 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
4 trc.taboola.com cdn.taboola.com
3 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
3 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3 fonts.gstatic.com fonts.googleapis.com
2 am-match.taboola.com vidstat.taboola.com
2 sb.scorecardresearch.com cdn.taboola.com
2 www.google-analytics.com elgoog.im
www.google-analytics.com
2 cdn.jsdelivr.net elgoog.im
1 vidstatb.taboola.com
1 am-vid-events.taboola.com
1 wf.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com elgoog.im
0 s7.addthis.com Failed elgoog.im
70 23
Subject Issuer Validity Valid
elgoog.im
Cloudflare Inc ECC CA-3		 2021-10-28 -
2022-10-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-21 -
2023-04-22		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-08-08 -
2022-10-31		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-08-15 -
2022-11-07		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh

This page contains 4 frames:

Primary Page: https://elgoog.im/doabarrelroll/
Frame ID: 8A16356901E5F14FBD28A93413BFC56C
Requests: 58 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=undefined&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4553cef7-5e22-45d0-8888-b449e35c9031&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 0736E293D76C34F7915728E11EE8E804
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 95E0FCC52833F8B25DAEC3633310AD0A
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: EF5377DF52C0B05507B09BED1E7B7277
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Play "Do A Barrel Roll" Google Tricks - elgooG

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

70
Requests

94 %
HTTPS

64 %
IPv6

14
Domains

23
Subdomains

14
IPs

4
Countries

1811 kB
Transfer

3734 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2bf44a47-2a66-11ed-88af-1d0a0d900506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Request Chain 55
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=2bf40b05-2a66-11ed-ac24-1e1d47870206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Request Chain 63
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
elgoog.im/doabarrelroll/ 		25 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc2b2460b0cd0b811d7f8a142911fb335fc1684c56616593213bcdd02130f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
REVALIDATED
cf-ray
7442c8058bef6916-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 02 Sep 2022 02:23:02 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSi63%2FmfDvcMfmU5ag2%2B3jtAzp9VWyM331inD4oHaRF31BvVTerQTQmoB%2FKqSTXk54ouBPAZQtwcc5BxqH8yMebPKRyYvcdtKB1kv1tECAFvnaFlHl%2FVyhbKGlk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
JGK-iSZzO6-4eDwTbSn9A5L1zjQ.js
elgoog.im/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/cdn-cgi/apps/head/JGK-iSZzO6-4eDwTbSn9A5L1zjQ.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4cfdf85a96564a4c8631329a80bda1c0cae8eb79ee9302b713f14bb534f8199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15432515
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
V73DWF9Z1JFVWDKW
x-amz-id-2
8NaHPIr1sCXWKmrI88H1V8jd+NAy4C7Epc3uBGLgvjpAN2XBP0ZbuKLVLa/DyBY/K+XUiHaDux8=
last-modified
Thu, 28 Oct 2021 01:57:30 GMT
server
cloudflare
etag
W/"62a92c0a5b3adfda4c5fbfd64ab5afa5"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDSAAN4SDcXqQLbaRkrfzoriJycefWEZwPa4FFmnQRwG2uVNjsCGXRSgNKEzfgyrmtIen9l6a5ReYY1fX5BSuN5H0uxecx6XN7HufJ1WXOTqjrGRbO%2B84vxY%2Be6DXg1nhXbwMUyv08A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
xt0B57GrGU4STsHMwOtrWRPUrzupxY3h
cf-ray
7442c805cc206916-FRA
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
235b44839d5c2a60b8703f60203960db08482a1d7f2def5815b0fcfdbf9e5677
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Sep 2022 01:21:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 02 Sep 2022 02:23:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Sep 2022 02:23:02 GMT
main.min.css
elgoog.im/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/css/main.min.css
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e131c4c8d335ea14dd0a192e0d1c73cf41c4ea34721e404f1687e5bc26991f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4288
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"67192b2460c27a4b5c2630163df234f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xvf2h1eY5rGdHH25t2mdQagfFc7M1ZERo65xxoeEuCLcBrTCv%2B6UY4UTf72GJQ1NfATLJ3ee1BwTKE1iuuY3yocodj%2FLc3LlAAN%2BEelEIg9AOAB1q5d4OCF9Fds%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c805cc1e6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
gserp.min.css
elgoog.im/assets/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/css/gserp.min.css
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99dabe65674ff08d597950906f728de2e90f42a8f701f998612e29e2326cf98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3637
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"01ee5d0571236404a9d602c0a1c44c34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saMkwoaOEC8cnWkOoFFKRehAMUEo3qcNjqMST%2Fn6YWK9jsVLdh92tMxXLbpeWxRCJ%2FbJara1YC5mk3SnzLd16gZBkLZ3A%2B%2F5%2BQTgTeJnh4ch%2FzYE2P0ZHaQijig%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c805cc1f6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
elgoog-logo.png
elgoog.im/assets/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/img/elgoog-logo.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6637
server
cloudflare
etag
"9d71f2dd9e71d0d6b0777c9d57b5749e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KblVuKd257G4BT4abwINx%2F%2B2oDRmgSeG4Pqi1e81B4MvyeDcKDfBfB07ORW%2FzozorYkFEeg66UzXn7dcyhAcUbpMnCnkAcZXPN%2FTDq9d1RrMZfOJw4%2B5TOvQo6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7442c805ec336916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
voice.svg
elgoog.im/assets/svg/ 		541 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/voice.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"8b37c6aa236e53b42b4460b9b5041166"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3OJIJAIpowYGnm5t6r8XAEM1gHwJk51i%2BlKI%2BozoCHPZAR50stGl5WAjxsC%2Fy%2BDSujipZxTyqhJ1uXQOxJJFhsc29QQJVMMTOkrOtjwMR3mAZo9a154LlMIoTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c805ec366916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
apps.svg
elgoog.im/assets/svg/ 		642 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/apps.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"9c7a21d7d4681f93345a3f451e514142"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kb8yO9NxQwwVuFr74FORi5lqZcnjTOy6vzVSEIYgPg%2FkoEwROD%2BMXz0YMctf0F0B9hdpmR%2FVNJsB2jmMK6u3K%2Bh7juaR3qO%2BuwK%2BDAyXRTCLyeqFv3m1iPvVZys%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c805ec376916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
thanos.jpg
elgoog.im/assets/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/img/thanos.jpg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15168
server
cloudflare
etag
"dd5bb6f3d9f96561b7c5242fa3bbe9d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U3vM1FZgMX9sBTjYjIdOq%2F%2BqZGGr%2FApuUaYYBHKQChyZLwdYFdM%2BLBW5Qg01k9%2Ff4jHFyyKRqmTmJRykuqvGDEoLR%2Fptm3BbHwxhgPF7dAmsZv%2BZAVsQgK3TzOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7442c805ec396916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
logo.png
elgoog.im/assets/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/img/logo.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14171
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7f31d99f22476f2789aa3d6a35f40542"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eV4iZ5s7Um0VbT1kSG91awt8P1WrfvPdscvpgnk3K8vuGQtYuQ4NFg%2Bl4Sek7T5p8VY%2FDLMS16cPRiZ7gdNwLkXfIN44fbOzMqwLW5NnBkFYoT0jMTE9Z1uWr7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7442c805ec3b6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
more.svg
elgoog.im/assets/svg/ 		241 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/more.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
etag
W/"ee3a7c26b9616480e39b37cb7007af9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtGyVsN63U7BhqwgmuHnM33v8vtV7nYddvwXR%2BXQBsJTW96dGSXUu9A3DHkIelHH9gOKvtNmBUG02rnI2qNkUAm%2F94k4wLRn%2Fu8EoEPMFgDvtH8YR4iEC%2Ffr%2Fa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7442c805ec3c6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
search.svg
elgoog.im/assets/svg/ 		301 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/search.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"0ba0ebd8dbdf6858be21fa1b8ff0454c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FGEnFdK6BHZhn%2BZx5WN5TGsGuZXMbxp3wQP4RuONKfUhfaFPpN6ZwvFL8P5Gyi8BElnQpKTQ2PlkRGnZeeich%2FRwWm1Ziipcvf24%2FDRQCREvTUsbgY8AmwgSU4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c805ec3d6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
rocket-loader.min.js
elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 31 Aug 2022 13:16:51 GMT
server
cloudflare
etag
W/"630f5f43-302c"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeAI8FqGdv9Z1H%2B2Sz37iKqEUKzw%2FX96Vbz8srDI1HObZ%2BVSutE2y%2Bc5oUO09AJ2h8uf8ZXaag%2BtGqMvID7zqYjRs6paowLBXS3ZECGPYhlXlw5lAOGRdwLWeLM3Ujc%2F4gIGvKGCnhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7442c805ec3f6916-FRA
vary
Accept-Encoding
expires
Sun, 04 Sep 2022 02:23:02 GMT
explode.min.js
elgoog.im/assets/js/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/js/lib/explode.min.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14166eabe44d946655052e3491bf6db12dcd22a7a9bbbb98e69e2d65c6ed3108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7144
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"082d70c1c3a03975d2f4cb761e86bf2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaWgl21Lcx7WazpObOpe753j6Thk1ZNp%2F8%2B6p83zuMhwPHqat9U8s9rU42kmW%2FsgoXUgJCy8zoaTZyJ1uGNqIQBun7OQ94spRDR08X8LlNm2frEaizfRH2IUw%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8061c586916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
main.min.js
elgoog.im/assets/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://elgoog.im/assets/js/main.min.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed0dab6394966fd41ab1ed7a747f4641704f72210a354633604893eacb067b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1659
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"be157bcffd4f4029be935f7da3fc6351"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPheAitVSJ3K3rgxeJywoMw2q7xlzymJrlcnI0XaCA%2BjVKvkOQmrKR%2B6Io2dEeyJOAHTXFrki4yh2O8lvpqmircDDS0X84eUrBrF%2F%2FBOR%2BV4nfBsbztNk4R8d6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8061c5b6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
autotrack.js
cdn.jsdelivr.net/npm/autotrack@2.4.1/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/autotrack@2.4.1/autotrack.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
1466778
x-jsd-version
2.4.1
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8050
etag
W/"60d8-QRhmNecSdvVfNQtmuCchg0p40iU"
x-served-by
cache-fra19180-FRA
x-jsd-version-type
version
date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4625
date
Fri, 02 Sep 2022 01:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 02 Sep 2022 03:05:57 GMT
jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
874631
x-jsd-version
1.11.3
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33344
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
x-served-by
cache-fra19180-FRA
x-jsd-version-type
version
date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
nav_logo242_hr.png
elgoog.im/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/img/nav_logo242_hr.png
Requested by
Host: elgoog.im
URL: https://elgoog.im/assets/css/gserp.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/assets/css/gserp.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1521
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3104
server
cloudflare
etag
"46d466650dbe2ccf025092859c0a4010"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2F0HGdMtj595uy797vJJDalxBUg7jscW0pvjo6s%2FergJxF6nFK82aEzb07AAHDfA01s3p7ARSRGz5BmP7WsJFygZi3aUf5vZoaJkT4YY83Q6k%2BdqUwfFzPB44uY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
cf-ray
7442c8062c5f6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 21:28:24 GMT
x-content-type-options
nosniff
age
104078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24320
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Aug 2023 21:28:24 GMT
va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v18/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194c18a2b5dd01fb3f988112f03fdba314ad5f0051ecb8b2fbc652b7e7e46438
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 08:45:59 GMT
x-content-type-options
nosniff
age
236223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24232
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:14:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Aug 2023 08:45:59 GMT
va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1bc3363072ad0b31886ece1320b931e252099034ec75c8d136bb49494567c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://elgoog.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Thu, 01 Sep 2022 03:11:57 GMT
x-content-type-options
nosniff
age
83465
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4148
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Sep 2023 03:11:57 GMT
fb.svg
elgoog.im/assets/svg/ 		1 KB
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/fb.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28ea584ef3058661eae8cb0ab30bfbf4d7a374487f0744233e9742f7da48b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"231a412aa6293ef73f0a81a0a65d6066"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH%2Fwwh5znfAoDeOWegIQ5%2FiKGuplyqY3LMuN%2BDPTIzxg0UJMyL11KpvjNopAXBE2wGiSJBCwM8iEiuS9C2bQLwRzGpEIkeurtY7TWvhXZYgyJBDNl78HGHUGh7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c8b6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
tw.svg
elgoog.im/assets/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/tw.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2501206bc2dd1946397e5af73148a1068f4eed77f5a85ffd37f500c8bad192ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
etag
W/"8e4944108c72d9b921adbb47e0501b2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pcpo8KYltWgcF86Vm48uiOhGIYTSL2ax3O%2F1%2BhSb265%2FoRSVYyGUywUMCLLmlKrfRyqaKcmZkU6Z18F6gLlAA8ZYj8qzuaHF1DFLHBV979cjWAPlg%2FfE3eRbNW4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
7442c8066c8d6916-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
search-blue.svg
elgoog.im/assets/svg/ 		301 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/search-blue.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"9eda1a9f02add38c08b97b8155890a84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkQmbzRFENcsZCxXmVyrrBQS2zFgvP4zeU0Jad9%2FWgAVlnFrUYZih5Yk3y7tOLPJj102C7zZsmumnOn5LU1vZ%2Fing45xzRzMK4%2F3256JlLJ%2BWCw%2BX%2Bi7msdNCcE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c8f6916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
all.svg
elgoog.im/assets/svg/ 		422 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/all.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"e932ee1b68b623ea25aca4c25fb2eda9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54lGIFaXjuxdf%2Bm2uHi7UWU2MmD6yQ52vki7%2Fnmm01dWgQUyfmZo7PD6Q0y9Eh723VZ2DNBjfjA947QTZWlwXMg4QIOvca7GZOK0v6yZOGoKKfp3HoYOGQ6J2PI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c916916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
news.svg
elgoog.im/assets/svg/ 		370 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/news.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"2a9058d3dfec5583a52779df9ef2f0c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VR%2BbzktKpHU%2FwodXoQgRHpVJJGoSYMmzQRpPqn2NDbhd219d3d8rIWvcdaah5n%2Bc97g3sQX4VL67xntVnBpvlBcJT%2FllY%2FQlmaBY%2BKJ7%2Bi%2FkDmAIghBDLjgXHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c926916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
books.svg
elgoog.im/assets/svg/ 		202 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/books.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"54029cbac58eea6d55b5b85944c9c42b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1fQd2AFaVVLKnTa3QA7FuXN0Wwll2liAIfGz%2FKcV6bwrMix1lhoVLt%2BqGGRx5wsjqV7KIHKvdMip%2BhhynXLr7WUN9Ke6CqMPgDWaSBgkXzZySC3wUiwZLTttAo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c936916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
images.svg
elgoog.im/assets/svg/ 		342 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/images.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"8697eb900cc42855b28ece8d5ae68de8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJGIdN1hymldTNGyl%2BcIspnKcTetqipIY4rmsx3ajY0NzGjIZ4rKwxHCMHneyAEWH0v4IqQtHIqAii41eRMXVoq8h7IB6uKVxpxFngItSchN5jqQrZuhXUaZVUs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c946916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
videos.svg
elgoog.im/assets/svg/ 		291 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/videos.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"2f23f52847b8890a3075832cb43c4ccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YybPisKiiw1twUm%2B6ottGLcjPt3szvsih%2B%2BrfR3OiHHQ4l8J7EVxfmNvAT87844zFtqZmUNp8aR4J9GNMkGar44a8MiCaoXiZuJsDkkCLAbsFtkFaHyopcEigzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c956916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
favicon.svg
elgoog.im/assets/svg/ 		417 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elgoog.im/assets/svg/favicon.svg
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/doabarrelroll/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5737
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
etag
W/"127610383b1aa127f7e6482c88ebdd62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Qo%2F83NY8N32IHIyOsGETVjKPcocnIOn2zIczsvhcHAe%2F9Z512Ixg46JeXE5RRWf6JCduJgcxeOKizbLr5NVR8D2mnQTQROyXnmzty6qQkj2xr7TeZqsObTyH18%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=0, must-revalidate
cf-ray
7442c8066c966916-FRA
link
<https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
loader.js
cdn.taboola.com/libtrc/iploc-network/ 		134 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/iploc-network/loader.js
Requested by
Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b426fb384a97db425a2d66682697543cd3f7492def013bc4e7f6dfc00d22590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
0xff3HeqYfDOVLTS6OT0hrHGqozi2HSL
content-encoding
gzip
age
8792
via
1.1 varnish
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
5
content-length
23734
x-amz-id-2
oUc95imGaN97uVubaGQQRDyr3vMgSGtvq2AYkCR5tEZs7/qSM01JcdFLei4IbsYDke34yYexZC0=
x-served-by
cache-hhn4023-HHN
last-modified
Thu, 01 Sep 2022 16:32:48 UTC
server
nginx
x-timer
S1662085382.196253,VS0,VE1
etag
"888d5ad522454b69742628a5c992d95379129a6d"
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
YYWG3WMXVB7ZBJJG
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
date
Fri, 02 Sep 2022 02:23:02 GMT
abp
30
x-cache-hits
1
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1944799876&t=pageview&_s=1&dl=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&ul=en-us&de=UTF-8&dt=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABEAAAAC~&jid=443599738&gjid=256649211&cid=1253159507.1662085382&tid=UA-20764615-1&_gid=2079555154.1662085382&_r=1&_av=2.4.1&_au=362&did=i5iSjo&z=1556262915
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl.20220901-10-RELEASE.js
cdn.taboola.com/libtrc/ 		680 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
13b2af6905fa708fbe0a8a963d45cff43b92ef08597328cce70b0eea99e0dc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
pSDN7u3bxiY1cj0bRabadnZG3or6awdQ
content-encoding
br
etag
"f99081e036ad44ecd83b6dd03b78f42c"
age
9849
x-cache
HIT
content-length
143746
x-amz-id-2
vwGFadVORVprkZQsgBuTrwAuc0k/AA3xtfjxvJyNQtRkaqTXEcK5As49beuAMiTBflZbF5kWm88=
x-served-by
cache-hhn4023-HHN
last-modified
Thu, 01 Sep 2022 15:38:53 GMT
server
AmazonS3-br
x-timer
S1662085382.282822,VS0,VE0
date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
x-amz-request-id
0C5GZ8BHC1M1ENYH
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
49
x-cache-hits
1172
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 01:23:01 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
3603
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
JbqqxhiVXkEmyY7q9Cp6KjqgvE_8wCs-eUf88k9qUptmyYFZ4APCsQ==
collect
stats.g.doubleclick.net/j/ 		4 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20764615-1&cid=1253159507.1662085382&jid=443599738&gjid=256649211&_gid=2079555154.1662085382&_u=aGBAAEAAEAAAAC~&z=953595483
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 02 Sep 2022 02:23:02 GMT
content-type
text/plain
access-control-allow-origin
https://elgoog.im
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/iploc-elgoog/trc/3/ 		42 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/trc/3/json?tim=02%3A23%3A02.344&lti=deflated&data=%7B%22id%22%3A411%2C%22ii%22%3A%22%2Fdoabarrelroll%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1662048340864%2C%22vi%22%3A1662085382341%2C%22cv%22%3A%2220220901-10-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F%22%2C%22vpi%22%3A%22%2Fdoabarrelroll%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1651%2C%22nsid%22%3A%22iploc-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22doabarrelroll-300%22%2C%22orig_uip%22%3A%22doabarrelroll-300%22%2C%22cd%22%3A321%2C%22mw%22%3A398%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22doabarrelroll-468%22%2C%22orig_uip%22%3A%22doabarrelroll-468%22%2C%22cd%22%3A308.546875%2C%22mw%22%3A468%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdoabarrelroll%2Cdoabarrelroll-300%3Dthumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%2C%2Cdoabarrelroll-468%3Dthumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf798326a0f79407de4eb1cffc77fb6c1c8d45d209c5557610e6d4262e09c5d4

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
289
date
Fri, 02 Sep 2022 02:23:02 GMT
content-encoding
gzip
server
nginx
x-timer
S1662085382.366767,VS0,VE289
x-served-by
cache-hhn4023-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
b
sb.scorecardresearch.com/ 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1662085382349&ns_c=UTF-8&c7=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-37.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
GwWJOsTfuEHBdu2Eo1I7ezwgkpX2I4Uk0LMNtIusO-3ttFwb77nuBw==
x-cache
Miss from cloudfront
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20764615-1&cid=1253159507.1662085382&jid=443599738&_u=aGBAAEAAEAAAAC~&z=635634213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20764615-1&cid=1253159507.1662085382&jid=443599738&_u=aGBAAEAAEAAAAC~&z=635634213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.2/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4052bdc457a2ebf44a0671f11a91ef88f3b70ddfc706b5ae289365877dfd7d75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
age
321375
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
29862
x-served-by
cache-hhn4023-HHN
last-modified
Mon, 29 Aug 2022 09:04:08 GMT
server
AmazonS3
x-timer
S1662085383.684150,VS0,VE0
etag
"9b41d4f2702a079eae60f297e3e0c705"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
O8NQfdMl2FnivvnxxxzVhaPmwyYhVB-Ye0Jj8rA2FpGggSpZ6b4ghA==
x-cache-hits
13926
userx.20220901-10-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20220901-10-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
410bf461d7e55d2f461ebfbf4e59f974358942bb347567c54a9013490475d31b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
v68vXQxbSgq3QY21kgfZmCl_5y39pTGY
content-encoding
gzip
etag
"436f1b0b54edb1f3ff2ea247278423cf"
age
71
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Tj2TN976wCMfp5mq6Og68b2hNQPuX/GfVdr0lPSkQ72DqEG5mH3Aeu6gJww4Wn1ofKg0PLQVNag=
x-served-by
cache-hhn4023-HHN
last-modified
Thu, 01 Sep 2022 16:05:00 GMT
server
AmazonS3
x-timer
S1662085383.684042,VS0,VE0
date
Fri, 02 Sep 2022 02:23:02 GMT
vary
Accept-Encoding
x-amz-request-id
Y1PY6414NBVJTG66
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
49
x-cache-hits
6
0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6226119c3f81587aa5c99e3b7c291c973df2662821bcf0cb8d8ba91ab7c5c105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 varnish, 1.1 varnish
age
5040710
edge-cache-tag
364928072886226565183527833732742740337,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
cache-tag
364928072886226565183527833732742740337,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
175
x-cache
HIT, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
content-length
29232
x-request-id
cb0b9a66e7142952737f6675ecadf137
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 28 Jun 2022 16:25:00 GMT
server
nginx
x-timer
S1662085383.698429,VS0,VE1
etag
"0994cd27e9ad16f7bdd1b58009343bef"
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100027-IAD, cache-sna10724-LGB, cache-iad-kjyo7100141-IAD, cache-hhn4023-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1, 1
dx7atilc1gybnibaexw3.mp4
cdn.taboola.com/libtrc/static/video/v1653573196/ 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/static/video/v1653573196/dx7atilc1gybnibaexw3.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
210aa0535313735105775f7b1ffaf7eb2d355ce4102c3ed5dbdd35905cf1c28f

Request headers

Referer
https://elgoog.im/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
Pnmcxs7FowYQSgwlgC2cOULC1KswMxup
via
1.1 varnish
etag
"552cd3c87d8db006d881f79bb90287ac"
age
18
x-cache
HIT
Content-Range
bytes 0-1051081/1051082
x-amz-replication-status
COMPLETED
Content-Length
1051082
x-amz-id-2
dcANGgMQ0UEuUl947YhyzbpM6v9a+82yhsasWm1858flTaaUbrA0t5pH3gb/kZp7uanCQBON0wA=
x-served-by
cache-hhn4023-HHN
last-modified
Thu, 26 May 2022 13:53:27 GMT
server
AmazonS3
x-timer
S1662085383.704681,VS0,VE1
date
Fri, 02 Sep 2022 02:23:02 GMT
x-amz-request-id
WZQ8Z408VMJECVVW
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
49
x-cache-hits
0
4352772_1000x500_r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/4352772_1000x500_r.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41b6a6b7a775bb3f80dfc22e254497c9ae05329513baf06520837b07cd9b47ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 varnish, 1.1 varnish
age
1867701
edge-cache-tag
520578743589541894858528424973459543291,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
cache-tag
520578743589541894858528424973459543291,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
363
req-referer
https://aax-eu.amazon-adsystem.com/
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/4352772_1000x500_r.jpg
content-length
2290
x-request-id
709dcf7d18e7416bca3e0e517de58876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Thu, 11 Aug 2022 06:46:17 GMT
server
nginx
x-timer
S1662085383.705303,VS0,VE1
etag
"ad090b4ae99b510a0bf458e1be508435"
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100033-IAD, cache-sna10742-LGB, cache-iad-kiad7000066-IAD, cache-hhn4023-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6226119c3f81587aa5c99e3b7c291c973df2662821bcf0cb8d8ba91ab7c5c105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 varnish, 1.1 varnish
age
5040710
edge-cache-tag
364928072886226565183527833732742740337,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
cache-tag
364928072886226565183527833732742740337,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
175
x-cache
HIT, MISS, HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0b6dffb0d030a8b3b3787ca3f06dbef8.jpg
content-length
29232
x-request-id
cb0b9a66e7142952737f6675ecadf137
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
last-modified
Tue, 28 Jun 2022 16:25:00 GMT
server
nginx
x-timer
S1662085383.722669,VS0,VE0
etag
"0994cd27e9ad16f7bdd1b58009343bef"
x-served-by
cache-iad-kjyo7100109-IAD, cache-iad-kjyo7100027-IAD, cache-sna10724-LGB, cache-iad-kjyo7100141-IAD, cache-hhn4023-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 1, 2
4352772_1000x500_r.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/4352772_1000x500_r.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
41b6a6b7a775bb3f80dfc22e254497c9ae05329513baf06520837b07cd9b47ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 02 Sep 2022 02:23:02 GMT
via
1.1 varnish, 1.1 varnish
age
1867701
edge-cache-tag
520578743589541894858528424973459543291,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
cache-tag
520578743589541894858528424973459543291,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
363
req-referer
https://aax-eu.amazon-adsystem.com/
x-cache
MISS, MISS, MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//bilder.pcwelt.de/4352772_1000x500_r.jpg
content-length
2290
x-request-id
709dcf7d18e7416bca3e0e517de58876
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
last-modified
Thu, 11 Aug 2022 06:46:17 GMT
server
nginx
x-timer
S1662085383.739819,VS0,VE0
etag
"ad090b4ae99b510a0bf458e1be508435"
x-served-by
cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100033-IAD, cache-sna10742-LGB, cache-iad-kiad7000066-IAD, cache-hhn4023-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
st
imprammp.taboola.com/ Frame 0736 		742 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=undefined&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4553cef7-5e22-45d0-8888-b449e35c9031&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://elgoog.im/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 02 Sep 2022 02:23:02 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4023-HHN
x-timer
S1662085383.975330,VS0,VE10
sync
am-match.taboola.com/ Frame 95E0 		742 B
828 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://elgoog.im/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 02 Sep 2022 02:23:03 GMT
machineid
3406
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
955 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=398&height=223&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1662085382974&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1477&pt=-637809757&tz=0&viewable=true&ddast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3103655&dpubid=393585&abtst=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Felgoog.im&en=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b31b8bf2246099042a99d07b7e9be9b586a9962e847a46cc34fe9ab5d325ae1

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
content-encoding
gzip
access-control-allow-origin
https://elgoog.im
machineid
1457
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4023-HHN
pragma
no-cache
server
nginx
x-timer
S1662085383.978425,VS0,VE113
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=31589837&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1662085381971.2!ts:1662085382968&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 0736 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=undefined&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4553cef7-5e22-45d0-8888-b449e35c9031&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 0736 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=undefined&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4553cef7-5e22-45d0-8888-b449e35c9031&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:319:ee2:5022:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 0736
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&cmcv=&pix=undefined&cb=1662085382968&uv=3221&tms=1662085382968&abt=dfrc_vB!ecp_vB!inc_all_video_vA!Noappq22_vC!t45!t45!tvrReverse1_vB!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=4553cef7-5e22-45d0-8888-b449e35c9031&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12811

Redirect headers

Date
Fri, 02 Sep 2022 02:23:03 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 95E0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame 95E0 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:319:ee2:5022:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 95E0
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12811

Redirect headers

Date
Fri, 02 Sep 2022 02:23:03 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
113
Connection
keep-alive
Content-Length
0
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/32_2_1/infra/ 		725 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7

Request headers

Referer
https://elgoog.im/
Origin
https://elgoog.im
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
age
321254
x-amz-meta-mtime
1661763973
x-cache
HIT
x-amz-meta-ctime
1661763975
x-amz-meta-mode
33188
content-encoding
br
content-length
126712
x-amz-id-2
UqIOectxORRsy1fzSz1D2lWFJ5P06vEogkblf2DtjwEnPW22hjM6QkzunByn49W34XTZTGmo/HQ=
x-served-by
cache-hhn4071-HHN
accept-ranges
bytes
last-modified
Mon, 29 Aug 2022 09:06:16 GMT
server
AmazonS3-br
x-timer
S1662085383.117455,VS0,VE0
etag
"5f22089507fa10d5707ce2727a7dc3e8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MQC8X2EQAWM8H23W
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
32475
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_2_1/assets/css/ 		63 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_2_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.2/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
age
321255
x-amz-meta-mtime
1661764028
x-cache
HIT
x-amz-meta-ctime
1661764029
x-amz-meta-mode
33188
content-encoding
br
content-length
8297
x-amz-id-2
jMjT70Hd+SsaTy3qsA7tG6CA7T6xYnOVfkZWLZgjMMS4f54R80hSCznlxirh0NjoEal6JN5DbSA=
x-served-by
cache-hhn4023-HHN
accept-ranges
bytes
last-modified
Mon, 29 Aug 2022 09:07:10 GMT
server
AmazonS3-br
x-timer
S1662085383.102208,VS0,VE0
etag
"a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
MQC715RR5YPW5EX4
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
75594
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/ 		426 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v14.7.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
376dd78b0a9611070abca5b4dca8c5497cc263a969779273d20c3ee9a1d01711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
age
156284
x-amz-meta-mtime
1661929036
x-cache
HIT
x-amz-meta-ctime
1661929049
x-amz-meta-mode
33188
content-encoding
br
content-length
86596
x-amz-id-2
jgDVIYUf/OAyCv2LlA0iw3VeFooUOOVyQnPPa7j4rSEaW/r3Z53Dyi4cu35FQikSnIONRuU5Fyo=
x-served-by
cache-hhn4023-HHN
accept-ranges
bytes
last-modified
Wed, 31 Aug 2022 06:57:30 GMT
server
AmazonS3-br
x-timer
S1662085383.237295,VS0,VE0
etag
"dc6f9c508a655c577be225354b665441"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
WK7NQA0YND95YBGW
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
46629
sync
am-match.taboola.com/ Frame EF53 		742 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_2_1/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://elgoog.im/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 02 Sep 2022 02:23:03 GMT
machineid
3401
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://elgoog.im/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront), 1.1 varnish
age
587474
x-amz-meta-mtime
1497790207
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-hhn4023-HHN
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1662085383.260888,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-type
video/mp4
access-control-allow-headers
*
x-amz-cf-id
bvT6FK2rTo_nl7n5dhIG0oxfs4XCgY3wJgHK2ZZqm_ol_dkUdi0-QQ==
x-cache-hits
145167
generic
match.adsrvr.org/track/cmf/ Frame EF53 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame EF53 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4216:319:ee2:5022:1df1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame EF53
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7oyYCFgNLeL0zx-24VQRLeL0zx-24VQUAAAAGBuIHJLRabTYum2-tWlkma9FqZFgLh8PhWmIaLVee1cY52CyGQEKr1WbjsvnWqpVlshatRoa1cDgcriWm0XLlWW2cg81iChHkd1gclsvLbPmbzW7NYLAGEDSdDp_rXq8y-_x-n13p9ov8DovDcnmZLX-z2S8HAAAAgIf___9_CAAAAIAIAAAAAAkAAAAAioCKfwuBCwAAAACM____fw0AKI4EdJhOT7vPZfcHAAAAAAgAAAAACYBBQFwJwMvW6cn_________f8wAfeaNzP____-NQQ_Agw_AgxAAAMDHkM5hvWvXhuQkUUFxESMAAACAqK-ClaNJnVBZVP3___dbAVwBAAQI8gsEEWTpDkq8hQEAAASMLdDD4vebHXaN3-2y_________3-z_7N_NKGmR640IHOKPbVfQACAtV9AAAA2dQMAeAuACzqCVgwGq1OI3XA22E0Wk8XsAAAAAO7-____9UBws7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Z9pqGUOnl1QM8-yLI77A4LJeX2fI3m92awWB-E7YYrSaTzXI4Wy4mg-FoOBrtbyAGqwFOxGC5nEwWk91qtBpthrvRbLBAgRhMkKJFg8lqNJosJsPVaLKaLRe73QYpWrWajTaD4Wo2me12q-FguByNcMIWo9VkslkOZ8vFZDAcDUejIcLkxrgbTQartcozmLhFM8duLXFubG7dbmEbLVeG4Wy0W4teH9PDsHC5jLMpPtDt8qncLpeW7WX5vBxbFAzg2IvkaZFOVMPlxrAaTUbOyWSxcS1mvtFs5FwuR5vdZmFbbSxiieZkkU5kl31xs7ENBgvDYuPbjHwj027mGK4WvtFwsTCuPM7Zvrkx7kaTwWqt8gwmbtHMsVtLnBubW7db2EbLlWE4G-3WotfH9DAsXC7jbN-YzSaD4WoznOwbs9lkMFxthpN9h87wXX3ORmc5q_HYvArT5aG9OQwKl8Hi_UlMi2l3dvD8fkenzFZLFnVG4eV79BoUnoNHNbwul-HpcfFt_gwKx8GgiCWCi3SiNJz9HrfK7PP7fRaxRGm6SCd6kd9hcVguL7PlbzZbxBLB6SKdiF7G00X9RwVczJWruWou2qwSAAAAAAAAAMAS5sybAAAAAJwGs9yshqt1HsxisJmtVssFiFD71gUyMNwRWktU3gXolkBLgKiQLm78mCENZ7_HrTL7_H6flQEiwFqZN38miLVaLWsAAAABbAAAgABu3bwFnFfx_____3EAAAAycvQAAADi-0BVA9cKPXCk_AS4WS0G!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 02:23:03 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12913

Redirect headers

Date
Fri, 02 Sep 2022 02:23:03 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=2bf40ab7-2a66-11ed-ac24-1e1d47870206&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0
bulk
trc.taboola.com/iploc-elgoog/log/3/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1662085384.687534,VS0,VE9
x-served-by
cache-hhn4023-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/iploc-elgoog/log/3/ 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1662085384.693897,VS0,VE10
x-served-by
cache-hhn4023-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/iploc-elgoog/log/3/ 		0
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/iploc-elgoog/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220901-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://elgoog.im/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 02 Sep 2022 02:23:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1662085384.702478,VS0,VE9
x-served-by
cache-hhn4023-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://elgoog.im
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://elgoog.im/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
11036
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
bGxiVQJJV6ushs+GurmdUMKcP55jXiZTni4zPfO1R2tT9H40rLWGSHO/uxS9hhOPRniEOikC9As=
x-served-by
cache-hhn4023-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1662085384.722733,VS0,VE0
date
Fri, 02 Sep 2022 02:23:03 GMT
x-amz-request-id
QQBJB95DTC5C6ET8
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
49
x-cache-hits
279
addthis_widget.js
s7.addthis.com/js/300/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/js/300/addthis_widget.js

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CloudflareApps object| __cfQR object| _taboola function| $ function| jQuery object| google_tag_data function| ga object| gaplugins object| gaDevIds function| closeMenu function| showMenu function| hasScrollbar function| getScrollbarWidth function| addLoadEvent object| gaGlobal object| gaData undefined| bsa_optimize function| randID function| explode function| dabr function| changeTitle function| dabrClick function| animateInit function| animateNext boolean| __cfRLUnblockHandlers object| TRC object| _tblConsole undefined| msg object| _comscore function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| COMSCORE function| udm_ object| ns_p object| placementData object| cmTag object| _cm_wfCounters string| lastWfUrl function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer

5 Cookies

Domain/Path Name / Value
.elgoog.im/ Name: _ga
Value: GA1.2.1253159507.1662085382
.elgoog.im/ Name: _gid
Value: GA1.2.2079555154.1662085382
.elgoog.im/ Name: _gat
Value: 1
elgoog.im/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9c874205-e30b-4f17-b9cf-77a649e08647-tucta0aee86
.spotxchange.com/ Name: audience
Value: 2bf40ab7-2a66-11ed-ac24-1e1d47870206

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

am-match.taboola.com
am-vid-events.taboola.com
cdn.jsdelivr.net
cdn.taboola.com
elgoog.im
fonts.googleapis.com
fonts.gstatic.com
images.taboola.com
imprammp.taboola.com
match.adsrvr.org
s7.addthis.com
sb.scorecardresearch.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
s7.addthis.com
13.32.121.37
141.226.228.48
151.101.129.44
185.94.180.125
2600:1f18:612b:4216:319:ee2:5022:1df1
2606:4700:e6::ac40:c71d
2a00:1450:4001:806::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9b
2a04:4e42:600::485
35.71.131.137
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860
0b31b8bf2246099042a99d07b7e9be9b586a9962e847a46cc34fe9ab5d325ae1
0b426fb384a97db425a2d66682697543cd3f7492def013bc4e7f6dfc00d22590
13b2af6905fa708fbe0a8a963d45cff43b92ef08597328cce70b0eea99e0dc4f
14166eabe44d946655052e3491bf6db12dcd22a7a9bbbb98e69e2d65c6ed3108
1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9
1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776
194c18a2b5dd01fb3f988112f03fdba314ad5f0051ecb8b2fbc652b7e7e46438
210aa0535313735105775f7b1ffaf7eb2d355ce4102c3ed5dbdd35905cf1c28f
235b44839d5c2a60b8703f60203960db08482a1d7f2def5815b0fcfdbf9e5677
2501206bc2dd1946397e5af73148a1068f4eed77f5a85ffd37f500c8bad192ee
2ed0dab6394966fd41ab1ed7a747f4641704f72210a354633604893eacb067b4
376dd78b0a9611070abca5b4dca8c5497cc263a969779273d20c3ee9a1d01711
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f
4052bdc457a2ebf44a0671f11a91ef88f3b70ddfc706b5ae289365877dfd7d75
410bf461d7e55d2f461ebfbf4e59f974358942bb347567c54a9013490475d31b
41b6a6b7a775bb3f80dfc22e254497c9ae05329513baf06520837b07cd9b47ed
556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c
6226119c3f81587aa5c99e3b7c291c973df2662821bcf0cb8d8ba91ab7c5c105
63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128
7dc2b2460b0cd0b811d7f8a142911fb335fc1684c56616593213bcdd02130f09
83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e131c4c8d335ea14dd0a192e0d1c73cf41c4ea34721e404f1687e5bc26991f6
8e5222350bd22079ba76a819e20ccea6be4235110a4b8cebd33564fdda18cab7
9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790
99dabe65674ff08d597950906f728de2e90f42a8f701f998612e29e2326cf98f
9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601
9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1bc3363072ad0b31886ece1320b931e252099034ec75c8d136bb49494567c2c
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68
c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46
cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf798326a0f79407de4eb1cffc77fb6c1c8d45d209c5557610e6d4262e09c5d4
d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e28ea584ef3058661eae8cb0ab30bfbf4d7a374487f0744233e9742f7da48b08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f4cfdf85a96564a4c8631329a80bda1c0cae8eb79ee9302b713f14bb534f8199
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9