elgoog.im Open in urlscan Pro
2606:4700:e6::ac40:c71d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://elgoog.im/doabarrelroll/
Submission Tags: falconsandbox
Submission: On May 25 via api (May 25th 2022, 10:30:57 am UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 96 HTTP transactions. The main IP is 2606:4700:e6::ac40:c71d, located in United States and belongs to CLOUDFLARENET, US. The main domain is elgoog.im. The Cisco Umbrella rank of the primary domain is 161657.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 28th 2021. Valid for: a year.

This is the only time elgoog.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:e6:... 2606:4700:e6::ac40:c71d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
22	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 3	99.86.4.2 99.86.4.2	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	2600:1f18:612... 2600:1f18:612b:4216:68f0:5178:951f:deb4	14618 (AMAZON-AES) (AMAZON-AES)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
5 5	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
4 7	184.30.21.112 184.30.21.112	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	18.134.84.20 18.134.84.20	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
8	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
96	22

24 2606:4700:e6::ac40:c71d (United States)

ASN13335 (CLOUDFLARENET, US)

elgoog.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.2 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-2.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4216:68f0:5178:951f:deb4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.94.180.126 (Amsterdam, Netherlands) 5 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.21.112 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-112.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.84.20 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-20.eu-west-2.compute.amazonaws.com

1f2e7.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1078 trc.taboola.com — Cisco Umbrella Rank: 679 15.taboola.com — Cisco Umbrella Rank: 1936 images.taboola.com — Cisco Umbrella Rank: 1663 vidstat.taboola.com — Cisco Umbrella Rank: 2013 imprammp.taboola.com — Cisco Umbrella Rank: 11661 am-match.taboola.com — Cisco Umbrella Rank: 12160 wf.taboola.com — Cisco Umbrella Rank: 2380 am-vid-events.taboola.com — Cisco Umbrella Rank: 11460 sync-t1.taboola.com — Cisco Umbrella Rank: 1259 pips.taboola.com — Cisco Umbrella Rank: 1580 cds.taboola.com — Cisco Umbrella Rank: 1471	547 KB
24	elgoog.im elgoog.im — Cisco Umbrella Rank: 161657	77 KB
9	stickyadstv.com 4 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 675 cdn.stickyadstv.com — Cisco Umbrella Rank: 2389	145 KB
7	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1493 m.addthis.com — Cisco Umbrella Rank: 1449 api-public.addthis.com — Cisco Umbrella Rank: 4078	218 KB
5	spotxchange.com 5 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 518	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 338	1 KB
3	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3454	547 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 92 cm.g.doubleclick.net — Cisco Umbrella Rank: 212	1 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 141	2 KB
3	gstatic.com fonts.gstatic.com	52 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 432	43 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1736	802 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 374	1 KB
1	amazon-adsystem.com s.amazon-adsystem.com — Cisco Umbrella Rank: 278	556 B
1	fwmrm.net 1 redirects 1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 4367	536 B
1	google.de www.google.de — Cisco Umbrella Rank: 5483	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 7	501 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
96	19

	Domain	Requested by
24	elgoog.im	elgoog.im
7	ads.stickyadstv.com	4 redirects vidstat.taboola.com cdn.stickyadstv.com
7	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	sync.search.spotxchange.com	5 redirects
5	cdn.taboola.com	elgoog.im cdn.taboola.com
4	match.adsrvr.org	imprammp.taboola.com am-match.taboola.com
4	images.taboola.com
4	trc.taboola.com	cdn.taboola.com
3	api-public.addthis.com	s7.addthis.com
3	s7.addthis.com	elgoog.im s7.addthis.com
3	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
3	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
3	am-vid-events.taboola.com	vidstat.taboola.com
3	sb.scorecardresearch.com	1 redirects cdn.taboola.com
3	fonts.gstatic.com	fonts.googleapis.com
2	cm.g.doubleclick.net	1 redirects
2	cdn.stickyadstv.com	vidstat.taboola.com cdn.stickyadstv.com
2	am-match.taboola.com	vidstat.taboola.com
2	www.google-analytics.com	elgoog.im www.google-analytics.com
2	cdn.jsdelivr.net	elgoog.im
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	s.amazon-adsystem.com
1	1f2e7.v.fwmrm.net	1 redirects
1	wf.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	15.taboola.com	cdn.taboola.com
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	elgoog.im
96	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
forms.gle
popup.taboola.com
www.cleverreach.com
www.gansel-rechtsanwaelte.de
bing.wallpaper.pics
gnib.org
iploc.org

Subject Issuer	Validity	Valid
elgoog.im Cloudflare Inc ECC CA-3	`2021-10-28` - `2022-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-12` - `2023-02-12`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://elgoog.im/doabarrelroll/
Frame ID: 853A733B60E2FB75E334D45BF2BD1CF8
Requests: 78 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=undefined&cb=1653474651871&uv=3186&tms=1653474651871&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=CC18435F67229788591766827985&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 6C587A606B1F69903943195627CFD319
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 48027A44D6456F6473B6497DC60E3846
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: FB32FDA881E8CC378BD7F69B3E75A78B
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 3D756D0B8B0543E2F9A153E1908676CE
Requests: 4 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 307936A0BE8C4D6E156E6B1917FB9B7E
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B978950FD3FE647D4FA425F3B564853B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play "Do A Barrel Roll" Google Tricks - elgooGFacebookTwitterAddThis

Detected technologies

AddThis (Widgets) Expand

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

96
Requests

90 %
HTTPS

43 %
IPv6

19
Domains

34
Subdomains

22
IPs

5
Countries

1107 kB
Transfer

3908 kB
Size

19
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dialog/share?app_id=2140740992815249&href=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&hashtag=%23elgooG

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?hashtags=elgooG&text=Check%20out%20these%20Hidden%20Google%20Games%2C%20Awesome!&url=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&via=elgooG

Search URL Search Domain Scan URL

URL: https://forms.gle/LnDk2zSyuGFU72146
Title: Feedback

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=iploc-elgoog&utm_medium=referral&utm_content=thumbnails-1X1:doabarrelroll-300:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.cleverreach.com/de/land/warum-email-marketing/?tl=rb1tph_pro1&utm_source=taboola&utm_medium=display&utm_campaign=taboola_prospecting&tblci=GiDvLtibr-qHBGPg1uC46ebQiypSneEA3HUTkHA8SCGiOyDd7lgo04aV6vHSnMaLAQ#tblciGiDvLtibr-qHBGPg1uC46ebQiypSneEA3HUTkHA8SCGiOyDd7lgo04aV6vHSnMaLAQ
Title: CleverReach

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=iploc-elgoog&utm_medium=referral&utm_content=thumbnails-1X1stream:doabarrelroll-468:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://www.gansel-rechtsanwaelte.de/formulare/abgasskandal-online-check?utm_source=taboola&utm_medium=native&utm_campaign=500_0570_TAB_ZV17_GR_NAT_DIESELSKANDAL_Contextual-relevant-Richter_D_05-2022_&utm_content=elgoog.im&utm_term=iploc-elgoog&tblci=GiDvLtibr-qHBGPg1uC46ebQiypSneEA3HUTkHA8SCGiOyCsr0so7Int3PLJo5Zc#tblciGiDvLtibr-qHBGPg1uC46ebQiypSneEA3HUTkHA8SCGiOyCsr0so7Int3PLJo5Zc
Title: Gansel Rechtsanwälte

Search URL Search Domain Scan URL

URL: https://bing.wallpaper.pics/
Title: Bing Daily Wallpaper https://bing.wallpaper.pics

Search URL Search Domain Scan URL

URL: https://gnib.org/
Title: Bing Mirror - gnib https://gnib.org

Search URL Search Domain Scan URL

URL: https://iploc.org/
Title: IP Address Geolocation Lookup!: IP Location https://iploc.org

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&c9=

Request Chain 52

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c046c509-dc15-11ec-a005-17d925990106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

Request Chain 57

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c04acc06-dc15-11ec-9f5c-12c786060506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

Request Chain 69

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

Request Chain 72

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a49216b11bfb49986e515f69379c3f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d1%26gdpr_consent%3dnull&gdpr=1&gdpr_consent=null HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l03f2_7101619555105788901&gdpr=1&gdpr_consent=null HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null

Request Chain 76

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent=&google_tc=

Request Chain 77

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=a49216b11bfb49986e515f69379c3f&ex=freewheel.tv&gdpr=0&gdpr_consent=

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
elgoog.im/doabarrelroll/ 25 KB
7 KB 114ms
47ms Document
text/html 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a1acb9801268e6573fb232fdc4d88d39bf4ef436ec01de3f974be286ba93e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1509
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: HIT
cf-ray: 710d9917489673c7-MRS
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 25 May 2022 10:30:50 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8uq6LjCQ6BV4DUuzU2O81dKX941RPcWriSBz5LbtnkGFH8FravIu2OacRmNzJcXfAhTX9wZLQ%2FhbRmB7fMj9QVb4cEycqkRVbNsc7sn7F57yLL%2BtFDwvFbPV%2BlU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding

GET
H2 200 JGK-iSZzO6-4eDwTbSn9A5L1zjQ.js Show response
elgoog.im/cdn-cgi/apps/head/ 4 KB
2 KB 55ms
54ms Script
application/javascript 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/cdn-cgi/apps/head/JGK-iSZzO6-4eDwTbSn9A5L1zjQ.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4cfdf85a96564a4c8631329a80bda1c0cae8eb79ee9302b713f14bb534f8199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6817403
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 886XMWF1P8B57RN2
x-amz-id-2: yfUbBay6xPDNOkM85Clytw+7AGlMdb28lmQvJBuhwj2X28HP2dIiMn6d2m8AyZOfPYHske8eNhU=
last-modified: Thu, 28 Oct 2021 01:57:30 GMT
server: cloudflare
etag: W/"62a92c0a5b3adfda4c5fbfd64ab5afa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK9%2FlqbHoTvhx8pDbkoDN9G5r1KTscYlYycIoECsk%2FnNStMs7kFMauXaWV60w3k000Lf5UwiHBwq9Wxptv6twj%2FRNt88bbYnDz5VOX3DMVkd%2FpaRIzYqE0ImLQOo%2FtV9QXJsT6%2BXaiA%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: xt0B57GrGU4STsHMwOtrWRPUrzupxY3h
cache-control: public, max-age=31536000
cf-ray: 710d9917a93d73c7-MRS

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6606820cd1f14794d1948eccd87b7f626f51ea909807624e0db931469e1ad522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:05:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 10:30:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 10:30:50 GMT

GET
H2 200 main.min.css
elgoog.im/assets/css/ 19 KB
5 KB 51ms
51ms Stylesheet
text/css 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/assets/css/main.min.css

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e131c4c8d335ea14dd0a192e0d1c73cf41c4ea34721e404f1687e5bc26991f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"67192b2460c27a4b5c2630163df234f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uF6bR2W2uGCHUayKqLagOwv0M6h%2FmY0OvhB9q54q7ndFKQQ9O4ewyGO0D27cCClEja7xenXxrsXfFoz%2Bo7%2BUJ1sKkE1ouSQo6qbjTNhSKd6iJkoWlqEpLMtN1Tw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d9917a94073c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 gserp.min.css
elgoog.im/assets/css/ 13 KB
4 KB 44ms
43ms Stylesheet
text/css 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/assets/css/gserp.min.css

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99dabe65674ff08d597950906f728de2e90f42a8f701f998612e29e2326cf98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"01ee5d0571236404a9d602c0a1c44c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5LU%2Bej%2BW3a%2FQEgtwMYWe6Pp6D2E8qOkUiK%2FvfzhmuKzXLh1uC7FZKg79yAXdVj8dH8zWOFSr7f1BObb4Gjw2PDl%2FkAbExOaovj0TOcv%2B9A7J%2FtNdn8y0PNzQaSk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d9917a94173c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 elgoog-logo.png
elgoog.im/assets/img/ 6 KB
7 KB 52ms
52ms Image
image/png 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/img/elgoog-logo.png

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6637
server: cloudflare
etag: "9d71f2dd9e71d0d6b0777c9d57b5749e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzGX5c556qBkRicGXLglqrowzA%2F6lybzC1RNOlFjKBR6Elqd8kLCzc7r8%2BgMoAKchlPTgy1kvg3U8nfZbk7owTsXZGh5yMLaJRlDCjT0skuBRfjSehtyMJlSDOc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 710d9917f9f073c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 voice.svg
elgoog.im/assets/svg/ 541 B
978 B 42ms
42ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/voice.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"8b37c6aa236e53b42b4460b9b5041166"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EWen4phN7y6MtUxW9fXw8qUuejykztKJyAhX9ASO3SN4L2qz9OXd9b02qlbrjq5%2FPdDEglQgAm75zlWbgoH73F9vadJWzqf0voJKOb8ArQhhE%2FD2i%2B2bxi%2BkRE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d991809fc73c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 apps.svg
elgoog.im/assets/svg/ 642 B
493 B 41ms
40ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/apps.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"9c7a21d7d4681f93345a3f451e514142"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rxvrHmtNJokjiAD9vzOhg6x1ykgATSlJSv2B5GaoV9l39Le%2FaokRsieZYGvroDO%2Fx%2BDJJ7feWDzeRS2ogXHGZ45OMhba1AyrSFxdscany%2BrQaraHVwF6Xsc2uM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99180a0273c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 thanos.jpg
elgoog.im/assets/img/ 15 KB
15 KB 42ms
41ms Image
image/jpeg 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/img/thanos.jpg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15168
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "dd5bb6f3d9f96561b7c5242fa3bbe9d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dZ1%2FD44pv2O%2FyH9L54knYjRMVRdxaVAio369qdG6RhVmCfnKVOW1f5THChdIvIu1Xx8XqKNu74JX9oOug6iaZhbqqBADCJvv%2BR2qQz0HNwu3ggmhKAwmbb2Cs8c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 710d99180a0873c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 logo.png
elgoog.im/assets/img/ 14 KB
14 KB 56ms
56ms Image
image/png 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/img/logo.png

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5436
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14171
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "7f31d99f22476f2789aa3d6a35f40542"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAsRTjDBdblwXxNssjE1%2FMrjwhvHuxVvLxu8oQCNUbi02WaFxduQmd2%2BlRrv1bFfEea3yqPOCIzg7lxcvBSiweYj%2BMxL%2F0dRtXblnwowPjGOAp0Qj8CPzaD5kzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 710d99180a0973c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 more.svg
elgoog.im/assets/svg/ 241 B
440 B 45ms
44ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/more.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"ee3a7c26b9616480e39b37cb7007af9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkNUXE1zd9e4t4pa0j5R9AK%2Bj7vn9SJEXGOAGX5qTU7IhU%2FAqeEPk%2FtE1FihohHUjVaDyj3dB7puKkUGINKn8sdN5c1ZF3PrgQOp1eGo1mb2rl5a0ZBPyBISgrU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99180a0c73c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 search.svg
elgoog.im/assets/svg/ 301 B
506 B 58ms
57ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/search.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5436
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"0ba0ebd8dbdf6858be21fa1b8ff0454c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71TKJcDLwRxhVYDHVDlYc9ZMWqCGvYTr7Pu8CVGqmzF8YY0jBkcv635BctIPdAVfXh60Gww09r9U2QTmtZ0CMO6wAffdhpez4juqtvYRAL%2FELBKvjXbSvMPorLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99180a1073c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 rocket-loader.min.js Show response
elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
29ms Script
application/javascript 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Sat, 21 May 2022 16:00:29 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62890c9d-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilhdMWtxv%2F4ZyIOxx3NzvtSgPYPpVd23KwKJtFcVMHSBwOHZubGLn74wazE30PYuuBK7w5LtYv6%2FwYz9giFOZ2Pd6oc%2Fu3uKUxS%2FUm1AKRGBHli04Kyqvauy3tOAOenrXROzBu8zEB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 710d99180a1273c7-MRS
expires: Fri, 27 May 2022 10:30:50 GMT

GET
H2 200 va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 24 KB
24 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elgoog.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 18 May 2022 21:26:11 GMT
x-content-type-options: nosniff
age: 565479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24320
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 21:26:11 GMT

GET
H2 200 va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 24 KB
24 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v18/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194c18a2b5dd01fb3f988112f03fdba314ad5f0051ecb8b2fbc652b7e7e46438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elgoog.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 24 May 2022 08:45:36 GMT
x-content-type-options: nosniff
age: 92714
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24232
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 May 2023 08:45:36 GMT

GET
H2 200 va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2
fonts.gstatic.com/s/quattrocentosans/v18/ 4 KB
5 KB 16ms
8ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v18/va9c4lja2NVIDdIAAoMR5MfuElaRB0zHt0_uHA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Quattrocento+Sans:wght@400;700&family=Raleway:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1bc3363072ad0b31886ece1320b931e252099034ec75c8d136bb49494567c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://elgoog.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 19 May 2022 00:16:47 GMT
x-content-type-options: nosniff
age: 555243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4148
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 May 2023 00:16:47 GMT

GET
H2 200 fb.svg
elgoog.im/assets/svg/ 1 KB
927 B 47ms
46ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/fb.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28ea584ef3058661eae8cb0ab30bfbf4d7a374487f0744233e9742f7da48b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"231a412aa6293ef73f0a81a0a65d6066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmqSwgL3FtxEHYqsTU7%2FaAQ5%2FWe4bv2CafLzygdTIrGAhUfMc1HybrkqdJWaAiT9QR2%2BNJIgRoJFsDp6OgnnSWhQPm03SMMEPSCPy9vyAwPlpOE4ISHfD3%2B2nM4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6273c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 tw.svg
elgoog.im/assets/svg/ 1 KB
1 KB 45ms
44ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/tw.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2501206bc2dd1946397e5af73148a1068f4eed77f5a85ffd37f500c8bad192ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"8e4944108c72d9b921adbb47e0501b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHUiAZN3SJEsVz5030lvfAnQ%2FNeuHv0RLZYNUwEpCyzCG7QjyCrV4irl%2FBxngbL80O2%2Fj2exRGO%2BzuEsSSzxj3rQiow9Z2H25hvPeXQuZofxV2pcKIJdrExrGc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6373c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 search-blue.svg
elgoog.im/assets/svg/ 301 B
583 B 50ms
49ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/search-blue.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9eda1a9f02add38c08b97b8155890a84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMW30fLJ2276rGfkl9Z3YHaiBG1%2BglRXQYpiyfhtoa8UUxYswSbx5Ezzp0q3tZW5qZnzVaJsW32n8YxJCqnqK%2FqHd1fz%2FZZGFjmpbmuoiFen6Sm2wpQR3q3ECel26QaHlQ6A%2F0o4ye8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6573c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 all.svg
elgoog.im/assets/svg/ 422 B
538 B 51ms
49ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/all.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"e932ee1b68b623ea25aca4c25fb2eda9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woDi8y7Dq6oxS0oBT2AE8MIgNTfrHPrjdtL4NlPbR7T%2FSWLN0lgoB1atdePw7sGRqrFHOkWMx2UquXF0Q6W7%2Fw6G0Y3XmCnKWLJUe%2FUp0wduSi5qmptTZNXyHos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6873c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 news.svg
elgoog.im/assets/svg/ 370 B
641 B 57ms
55ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/news.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"2a9058d3dfec5583a52779df9ef2f0c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UIstnaqS%2FPTYZiwpQDKXkGYeqJ4s%2FhvCWHB%2FZVO8IFmtD6aGiydSLYekThXDdSK%2FGcljdclPkowmNDXvls4ViS2EEUo488k8iMkN%2BNzolTXBdBaWsULZCNLdUsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6a73c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 books.svg
elgoog.im/assets/svg/ 202 B
450 B 50ms
49ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/books.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"54029cbac58eea6d55b5b85944c9c42b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2esRXzdDk9IrWXi75NrtaP5ekEpcMjqRUz4Bb67uqXThvQJZ3V6sXsAjvFkAmfA6Zul%2B5dY%2Fww%2BMl51COSCJGehJNPP%2FzbDrUifncC91e99OAfg0PUANahjDHs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a6f73c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 images.svg
elgoog.im/assets/svg/ 342 B
528 B 51ms
49ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/images.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"8697eb900cc42855b28ece8d5ae68de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmdBMyEdHlDGY81OfdPIp1R5U4DsLOgMQmPUQLGo3jtbv8XIgRriCh8otN6WDdTn17TDyovCYCaLerdaheR%2B1vNbIHtWnMmOCfTWDVsj1ROaSVJLM4UhHrlhNaE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a7173c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 videos.svg
elgoog.im/assets/svg/ 291 B
510 B 45ms
44ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/videos.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2868
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"2f23f52847b8890a3075832cb43c4ccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11Gl6JYC08U8n7Y3FqH2ht7WA6TzIPzFM%2BoABKKWEJfApiQ%2Fpyom2NzaSgFYRHDatj0Lkh2GIG7hcd2Rah%2BMeMD36Ysu%2F2%2FT6fUv2WvlBPYdjq4RMLUGDce%2BNtidkODUsChSqaXnbFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99182a7373c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 nav_logo242_hr.png
elgoog.im/assets/img/ 3 KB
4 KB 49ms
49ms Image
image/png 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/img/nav_logo242_hr.png

Requested by

Host: elgoog.im
URL: https://elgoog.im/assets/css/gserp.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/assets/css/gserp.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5436
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3104
server: cloudflare
etag: "46d466650dbe2ccf025092859c0a4010"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SwYWAhI2FKYv2jeSYhiCcPXmqZPAxdZHeb3pCGBrZ4pKlHhU4E%2FPInlUSlppHNeMj%2FOANF3AaTwe328ls9AdrNTB%2FOvOf0zeuapq3v9e8IRQ%2FAwxpLViYaQsH0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes
cf-ray: 710d99183a7773c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 favicon.svg
elgoog.im/assets/svg/ 417 B
586 B 59ms
58ms Image
image/svg+xml 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://elgoog.im/assets/svg/favicon.svg

Requested by

Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1769
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"127610383b1aa127f7e6482c88ebdd62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFNUPppvCPRJZecArU1qZv%2FPbyYT6NB1rYnaSNVmuebNVLaVArbZ4akPGykhiof3Vuvj6Wl%2F%2BF%2BaZ221Z3QWgwZhsxzSPIj6b9wmogOvw7UdhGIA%2BrGn6Q82cDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99185acf73c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 explode.min.js Show response
elgoog.im/assets/js/lib/ 2 KB
1 KB 53ms
52ms Script
application/javascript 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/assets/js/lib/explode.min.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14166eabe44d946655052e3491bf6db12dcd22a7a9bbbb98e69e2d65c6ed3108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1508
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"082d70c1c3a03975d2f4cb761e86bf2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6zZZ7kRSRQhXT1wJKH0ONZzvEaEfoL3DdM%2BHY%2BWz%2FzORbr08VxdumskoIxj77AMDWFWhko4DgC8ZF94SD%2B2QNzGQTe3yKy%2BYZNzXGNujAI%2FRlxH2fUpda1ncqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99185ad273c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 main.min.js Show response
elgoog.im/assets/js/ 15 KB
5 KB 57ms
57ms Script
application/javascript 2606:4700:e6::ac40:c71d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://elgoog.im/assets/js/main.min.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e6::ac40:c71d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed0dab6394966fd41ab1ed7a747f4641704f72210a354633604893eacb067b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/doabarrelroll/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5437
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"be157bcffd4f4029be935f7da3fc6351"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTPdzjvmfjSl2Yw0ZlIr33A8dycoftKgqM1ky9OxBUrwpbLpLrenf4iz%2FORjPnSn4%2FVy6E7A04dAlcn73RgAYK4O1PFDx2K8lEhpArJ0jD96aPPEizKsxN8vEfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=0, must-revalidate
cf-ray: 710d99185ad573c7-MRS
link: <https://cdn.taboola.com>; rel=preconnect, <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 autotrack.js Show response
cdn.jsdelivr.net/npm/autotrack@2.4.1/ 24 KB
9 KB 55ms
25ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/autotrack@2.4.1/autotrack.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 463768
x-jsd-version: 2.4.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"60d8-QRhmNecSdvVfNQtmuCchg0p40iU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzRLojRzhGgwQ4n8x3BiEakMFLsFynI7gzqFoidOd3VF2Sw%2BmTqUZcn9jRU3%2FQB39BQVB4369kSFQbHc1B1y2858TWYeBYqF4vb7eB74q4TCLBrp%2BfNFAstMdor3fTZZMxZDeJpUOBfaTSm6I2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 710d99187f960215-ZRH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 702
date: Wed, 25 May 2022 10:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 12:19:08 GMT

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/ 94 KB
34 KB 60ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5620050
x-jsd-version: 1.11.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19165-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2Al7fH%2FNJTL61xs%2Bsmv2D2mqXSMUt3k8O%2Fj%2Fwl7L2hY4q0EeRHwNMztpGCZ9eyB%2BW7Kl4RTL34nhGTB%2B1uqnMXEHDiQRS5poSyx2gYKHjE3rmOnjjHKsb2JjBsSXoWtMBLuKqYuNJzSlhmNW7k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 710d99187f980215-ZRH

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/iploc-network/ 137 KB
24 KB 46ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Requested by: Host: elgoog.im
URL: https://elgoog.im/doabarrelroll/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fac8cd4087fee5f9200327d7517f5d78593dfb1c596ba74f949d3ba0b9bc279e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: IMbkgSSdWKqOAovSGSb2OsRb5aX5U3Rb
content-encoding: gzip
age: 3953
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 9
content-length: 23736
x-amz-id-2: jLwLUK0Fmn+w98XpDeeO2xR7IptkA4fL0bIoS5ESGOwVpqb2JnRRKRMy9+LpFMi1CzI+x7kYw8Q=
x-served-by: cache-hhn4032-HHN
last-modified: Wed, 25 May 2022 09:04:57 UTC
server: nginx
x-timer: S1653474651.991740,VS0,VE1
etag: "9771976ee875a0ba5eb94a05261f7e850f269350"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: G1R400BYKQV31AV1
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Wed, 25 May 2022 10:30:50 GMT
abp: 25
x-cache-hits: 1

GET
H2 200 impl.20220524-4-RELEASE.js Show response
cdn.taboola.com/libtrc/ 656 KB
135 KB 10ms
10ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 64ee48a75bba910ae3cce2195af0632d1da35293feb07171200d0f2e5a5883a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: zYjmxDgoq4lPxQQAs_J2Ib7wDUTZbp1C
content-encoding: br
etag: "98c2ae247a609198e8e0bf6ea331c52f"
age: 5859
x-cache: HIT
content-length: 138203
x-amz-id-2: 9VimWg1dJ1cudTV45XVRYqPs5HaiXwscv3QsJ7FgTcEObxCywPNaGT3PI6Y6PCQc8bjUPP5nTEE=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 24 May 2022 08:45:21 GMT
server: AmazonS3-br
x-timer: S1653474651.057819,VS0,VE0
date: Wed, 25 May 2022 10:30:51 GMT
vary: Accept-Encoding
x-amz-request-id: MRVJG2EPP34P26Q1
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 89
x-cache-hits: 4364

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 29ms
8ms Script
application/javascript 99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:04:45 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 30375
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Oa4Fr8vMs817YEa5nnSkCKF_F-bNq0O4NqplmHfWkJizRQgm6fFsIA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 14ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=438903055&t=pageview&_s=1&dl=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&ul=en-us&de=UTF-8&dt=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEABEAAAAC~&jid=309792561&gjid=91455490&cid=631957869.1653474651&tid=UA-20764615-1&_gid=943325503.1653474651&_r=1&_av=2.4.1&_au=362&did=i5iSjo&z=2065196137

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elgoog.im
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-20764615-1&cid=631957869.1653474651&jid=309792561&gjid=91455490&_gid=943325503.1653474651&_u=aGBAAEAAEAAAAC~&z=501749526

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 10:30:51 GMT
content-type: text/plain
access-control-allow-origin: https://elgoog.im
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/iploc-elgoog/trc/3/ 7 KB
4 KB 413ms
406ms XHR
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/iploc-elgoog/trc/3/json?tim=10%3A30%3A51.095&lti=deflated&data=%7B%22id%22%3A907%2C%22ii%22%3A%22%2Fdoabarrelroll%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1653384106990%2C%22vi%22%3A1653474651093%2C%22cv%22%3A%2220220524-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F%22%2C%22vpi%22%3A%22%2Fdoabarrelroll%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1651%2C%22nsid%22%3A%22iploc-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22doabarrelroll-300%22%2C%22orig_uip%22%3A%22doabarrelroll-300%22%2C%22cd%22%3A321%2C%22mw%22%3A398%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22uip%22%3A%22doabarrelroll-468%22%2C%22orig_uip%22%3A%22doabarrelroll-468%22%2C%22cd%22%3A308.546875%2C%22mw%22%3A468%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fdoabarrelroll%2Cdoabarrelroll-300%3Dthumbnails-1X1%3Apub%3Diploc-network%3Aabp%3D0%2C%2Cdoabarrelroll-468%3Dthumbnails-1X1stream%3Apub%3Diploc-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 94d3fa9875f065ed5a22df95b4abc0339575e7181451b960015d16e19b83d741

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 400
date: Wed, 25 May 2022 10:30:51 GMT
content-encoding: gzip
server: nginx
x-timer: S1653474651.106835,VS0,VE400
x-served-by: cache-hhn4032-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://elgoog.im
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdoa...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdo...

0
190 B

7ms
6ms

Image
text/plain

99.86.4.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&c9=
Protocol: H2
Server: 99.86.4.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-2.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 5T05JEAICKMUN3dnnPExIAu_wAAX7vKNuRRQzOD72XxUgt34-sokYw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=7&c2=34354936&c3=1&ns__t=1653474651107&ns_c=UTF-8&cv=3.5&c8=Play%20%22Do%20A%20Barrel%20Roll%22%20Google%20Tricks%20-%20elgooG&c7=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&c9=
date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: M6b_h16eHp5rGTYRKOC59MoudUlvay8As7riQvvL78PRsliNtB3C5w==
x-cache: Miss from cloudfront

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 51ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20764615-1&cid=631957869.1653474651&jid=309792561&_u=aGBAAEAAEAAAAC~&z=1372928402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 52ms
32ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-20764615-1&cid=631957869.1653474651&jid=309792561&_u=aGBAAEAAEAAAAC~&z=1372928402

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tb Show response
15.taboola.com/ 33 KB
9 KB 28ms
27ms XHR
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=iploc-elgoog&unitType=226&tbloc=&pageType=text&pstn=doabarrelroll-300&uuip=&cisrf=&cirf=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&encoded=1&uid=64598829-fbff-4cde-88ef-62ec187c0548-tuct9878adb&variant=-100|1786072121&callback=TRC.videoTagCallbacks.videoCallback1&cb=1653474651545&tagid=&cntry=DE&platform=1&sesid=4979c5779389325730c347af6fc23b25&itemid=/doabarrelroll&viewid=1653474651093&geolat=&geoing=&deviceifa=&appid=&sd=v2_4979c5779389325730c347af6fc23b25_64598829-fbff-4cde-88ef-62ec187c0548-tuct9878adb_1653474651_1653474651_CNawjgYQ39VFGNXXk9aPMCABKAEwODib4wlAhIoQSLCG2ANQo-wQWABgAGiqt-mTyZDihwRwAA&ri=a0549d5f65a7ac81a4da9733bade7f35&appname=&cdb=&gdprApplies=true&rid=&sii=62226207891002834&oee=true&tpubid=1141471&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=HE&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1138861&prcnt=&layer=&normp=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b77ef1839b834413a8c7b2495d214e6224cdc662ee4ee2d9e06f13972a0b5f28

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
content-encoding: gzip
access-control-allow-origin: https://elgoog.im
machineid: 1450
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn4032-HHN
pragma: no-cache
server: nginx
x-timer: S1653474652.553848,VS0,VE18
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20220524-4-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 9ms
9ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20220524-4-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/iploc-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5f8228a2ee49a5f43913d746181b1687f93a3abe9d5bb2bc4e259a5256daa46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: nBU8.8c57B9g8lb_YL7ncKm67oNmGmx0
content-encoding: gzip
etag: "fb167e88912f459277d64294995a78e8"
age: 5129
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: xqrNbjc3f3xzNv23RImR+PLi79a6K82tSTuRt8mezLqkpbDJvI5HupsV2ZHs6JF5aHkjTC3VF9U=
x-served-by: cache-hhn4032-HHN
last-modified: Wed, 25 May 2022 09:01:45 GMT
server: AmazonS3
x-timer: S1653474652.553804,VS0,VE0
date: Wed, 25 May 2022 10:30:51 GMT
vary: Accept-Encoding
x-amz-request-id: TBPWQDWZWC3HZJ5N
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 89
x-cache-hits: 2102

GET
H2 200 805b1b6651c0d82b498852fc2347ba0e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 18 KB
19 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805b1b6651c0d82b498852fc2347ba0e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aba17cad8beff1ee02d9d2d10fc8be8f6cd39ac34a8bdca22a79c230ed1fe351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1743999
edge-cache-tag: 373854834127470723544447893847573368189,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
cache-tag: 373854834127470723544447893847573368189,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 22
x-cache: MISS, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805b1b6651c0d82b498852fc2347ba0e.jpg
content-length: 18054
x-request-id: 26735be48bc95cd742088bc25adaa935
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Thu, 28 Apr 2022 14:43:42 GMT
server: nginx
x-timer: S1653474652.564276,VS0,VE1
etag: "dc08413a7479dd5018191c66d2e57a6a"
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000171-IAD, cache-bur-kbur8200107-BUR, cache-iad-kiad7000085-IAD, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 1

GET
H2 200 ca6bd273cb1ef1b7a52835b697fec087.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
7 KB 8ms
8ms Image
image/webp 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca6bd273cb1ef1b7a52835b697fec087.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b114805b2dfabc02b1aea38b4860aa5810faa819c60fb3ed45aeb8acf638889b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 67889
edge-cache-tag: 548121908048362485886590233259429775010,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548121908048362485886590233259429775010,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1478
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca6bd273cb1ef1b7a52835b697fec087.jpg
content-length: 6750
x-request-id: 79da7c8e10e4e5d9c9d23d7aee039998
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 12 May 2022 13:37:10 GMT
server: nginx
x-timer: S1653474652.576234,VS0,VE1
etag: "e57a3268a904c3d477e9115b1324f381"
x-served-by: cache-iad-kcgs7200052-IAD, cache-iad-kjyo7100065-IAD, cache-sna10729-LGB, cache-iad-kiad7000169-IAD, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.8.2/ 99 KB
29 KB 7ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ac255568412b3bb19f22a535c538809e104eaf0dae0d7b0668794143bdfd66c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 ad46d498157a92ab1076f74db460670c.cloudfront.net (CloudFront), 1.1 varnish
age: 91626
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 28878
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 24 May 2022 09:03:03 GMT
server: AmazonS3
x-timer: S1653474652.582409,VS0,VE0
etag: "ae31d31b347a9ac42abc7894dfcac680"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 3xTPWbz69si2mmKrktJMO06hQZ58hrQoh3IfBJmkMaQzkEXrGrEJ4Q==
x-cache-hits: 2949

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805b1b6651c0d82b498852fc2347ba0e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: aba17cad8beff1ee02d9d2d10fc8be8f6cd39ac34a8bdca22a79c230ed1fe351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 1743999
edge-cache-tag: 373854834127470723544447893847573368189,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
cache-tag: 373854834127470723544447893847573368189,328465818219459322084426753649357084094,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 22
x-cache: MISS, HIT, HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_480%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/805b1b6651c0d82b498852fc2347ba0e.jpg
content-length: 18054
x-request-id: 26735be48bc95cd742088bc25adaa935
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
last-modified: Thu, 28 Apr 2022 14:43:42 GMT
server: nginx
x-timer: S1653474652.594405,VS0,VE0
etag: "dc08413a7479dd5018191c66d2e57a6a"
x-served-by: cache-iad-kcgs7200141-IAD, cache-iad-kiad7000171-IAD, cache-bur-kbur8200107-BUR, cache-iad-kiad7000085-IAD, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca6bd273cb1ef1b7a52835b697fec087.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b114805b2dfabc02b1aea38b4860aa5810faa819c60fb3ed45aeb8acf638889b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish, 1.1 varnish
age: 67889
edge-cache-tag: 548121908048362485886590233259429775010,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
cache-tag: 548121908048362485886590233259429775010,578186325799484233920726124365690226355,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 1478
x-cache: MISS, MISS, MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_172%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca6bd273cb1ef1b7a52835b697fec087.jpg
content-length: 6750
x-request-id: 79da7c8e10e4e5d9c9d23d7aee039998
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
last-modified: Thu, 12 May 2022 13:37:10 GMT
server: nginx
x-timer: S1653474652.594569,VS0,VE0
etag: "e57a3268a904c3d477e9115b1324f381"
x-served-by: cache-iad-kcgs7200052-IAD, cache-iad-kjyo7100065-IAD, cache-sna10729-LGB, cache-iad-kiad7000169-IAD, cache-hhn4032-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 6C58 742 B
524 B 20ms
18ms Document
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=undefined&cb=1653474651871&uv=3186&tms=1653474651871&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=CC18435F67229788591766827985&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://elgoog.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 25 May 2022 10:30:51 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4032-HHN
x-timer: S1653474652.883835,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 4802 742 B
828 B 92ms
25ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: https://elgoog.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 25 May 2022 10:30:51 GMT
machineid: 3406
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 4 KB
3 KB 54ms
47ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=398&height=223&pubid=169497&tagid=953497&crid=6619425&noaop=3&sortOrderType=0&cb=1653474651884&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1411&pt=172707912&tz=0&viewable=true&ddast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3103655&dpubid=393585&abtst=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&mPre=0.033&cirf=https%3A%2F%2Felgoog.im&en=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 282ad7442bfbd24851ca280296c78161dd968d124d0b1c1b750d26092f8a5c80

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
content-encoding: gzip
access-control-allow-origin: https://elgoog.im
machineid: 1432
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4032-HHN
pragma: no-cache
server: nginx
x-timer: S1653474652.898307,VS0,VE41
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://ads.stickyadstv.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 764ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=31589837&cb=1653474651870&uv=3186&tms=1653474651870&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1653474650677.8!ts:1653474651870&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
content-length: 0
server: nginx

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 6C58 43 B
183 B 363ms
92ms Image
image/gif 2600:1f18:612b:4216:68f0:5178:951f:deb4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=undefined&cb=1653474651871&uv=3186&tms=1653474651871&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=CC18435F67229788591766827985&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6C58 70 B
264 B 100ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=undefined&cb=1653474651871&uv=3186&tms=1653474651871&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=CC18435F67229788591766827985&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 6C58
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

0
98 B

22ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=undefined&cb=1653474651871&uv=3186&tms=1653474651871&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t45!t45!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=CC18435F67229788591766827985&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13118

Redirect headers

Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 11
Connection: keep-alive
Content-Length: 0

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/31_8_6/infra/ 753 KB
130 KB 21ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 21189d1be801401ec412b1f3166bf0e4638b4102eb4ac329f3d72badda2dea2a

Request headers

Referer: https://elgoog.im/
Origin: https://elgoog.im
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish
age: 234438
x-amz-meta-mtime: 1653240061
x-cache: HIT
x-amz-meta-ctime: 1653240062
x-amz-meta-mode: 33188
content-encoding: br
content-length: 132394
x-amz-id-2: SlENJv/P9Ji2555uO0VhMWSyZYQGwOh9jt9l/UnXcGpvVSLHcefVnqVxoq/fdMbppSd39ab9cnY=
x-served-by: cache-hhn4062-HHN
accept-ranges: bytes
last-modified: Sun, 22 May 2022 17:21:03 GMT
server: AmazonS3-br
x-timer: S1653474652.966076,VS0,VE0
etag: "ecf0f07785e09878e02cc79679d58ca9"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: 3T3HZF7WZB5Q1P7D
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 2805

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/31_8_6/assets/css/ 63 KB
9 KB 7ms
7ms Stylesheet
text/css 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/31_8_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.8.2/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:51 GMT
via: 1.1 varnish
age: 234439
x-amz-meta-mtime: 1653240115
x-cache: HIT
x-amz-meta-ctime: 1653240115
x-amz-meta-mode: 33188
content-encoding: br
content-length: 8297
x-amz-id-2: SiKMhBaWj3cPaBsiJyixAuTebxaVcQp+Y50dFUdVUhd1sXQYyflqhQdTtNCvHGxdBXfDMrDi984=
x-served-by: cache-hhn4032-HHN
accept-ranges: bytes
last-modified: Sun, 22 May 2022 17:21:56 GMT
server: AmazonS3-br
x-timer: S1653474652.952105,VS0,VE0
etag: "a28320a69408adba1f01f56d6eb80708"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: YEV7758FMAR057BW
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 60406

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4802 70 B
265 B 32ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame 4802 43 B
182 B 296ms
92ms Image
image/gif 2600:1f18:612b:4216:68f0:5178:951f:deb4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 4802
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

0
98 B

22ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13118

Redirect headers

Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 97
Connection: keep-alive
Content-Length: 0

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 8ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront), 1.1 varnish
age: 684092
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn4032-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1653474652.043450,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: XiPzI3T7-j00LduMNKNm2rmlUDrCpSGT1aq1AjMdveabScX3DbI-Pg==
x-cache-hits: 164823

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 7ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront), 1.1 varnish
age: 793054
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn4032-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1653474652.086485,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: t1A-OC7FrDGZJC7Tp3c5Te6utmhBjz82_E5tKO0J_wHxk5doBZKsXQ==
x-cache-hits: 192226

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 8ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront), 1.1 varnish
age: 2485184
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn4032-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1653474652.092615,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dMQndaMYz4lAKRlFPrdUyMaueOEjTlwBX-FuhX2o7-w7PeNmsjlMEw==
x-cache-hits: 477939

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v14.1.1/ 563 KB
115 KB 11ms
6ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.1.1/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 775b0234c08a7a1f56f0853af32a314ed4d082fdc778d1dde0754edec2740389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 varnish
age: 187833
x-amz-meta-mtime: 1653286750
x-cache: HIT
x-amz-meta-ctime: 1653286763
x-amz-meta-mode: 33188
content-encoding: br
content-length: 117581
x-amz-id-2: zSBDXrxYxQeHI9wcBB1rZRcavavJ1CJ2TvJ74SYuyWCUiXIQmXynIzxvl3ofjYbWLWUxNBgrx9s=
x-served-by: cache-hhn4032-HHN
accept-ranges: bytes
last-modified: Mon, 23 May 2022 06:19:24 GMT
server: AmazonS3-br
x-timer: S1653474652.114023,VS0,VE0
etag: "95cd1dd1c7ca7519ad2e10fbc13f10b5"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: PV0DZ21XWEJVCP9G
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 50069

GET
H2 200 sync Show response
am-match.taboola.com/ Frame FB32 742 B
827 B 26ms
24ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://elgoog.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 25 May 2022 10:30:52 GMT
machineid: 3406
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 533ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66375605&crid=6619425&dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&cmcv=&pix=&cb=1653474652080&uv=3186&tms=1653474652080&su=&abt=aat1_vA!adh5c-1_vA!dfrc_vB!esv_vC!inc_all_video_vA!spa2_vA!t120!t45!t45!ufm_vA&ft=0&unm=WIDGET_ITEM&mntl=1&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
content-length: 0
server: nginx

GET
BLOB 206
Partial Content 343ab225-64f1-4e9c-9d02-8d281007759c
https://elgoog.im/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://elgoog.im/343ab225-64f1-4e9c-9d02-8d281007759c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 9744d2b8-1f89-4c6b-988b-ae6c1d47543a
https://elgoog.im/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://elgoog.im/9744d2b8-1f89-4c6b-988b-ae6c1d47543a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H/1.1 200
OK 12599937 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 83ms
22ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/12599937?_fw_gdpr=1&schain=1.0,1!taboola.com,1141471,1,-1637197795&_fw_us_privacy=1---
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.1.1/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20cf7ac50f00a7fb6c4d95efbece2323a88e42350edf3ae59ae52937c9ef47d8

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://elgoog.im
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1178
x-sticky-vk: 1653474652232011-568
Expires: Wed, 25 May 2022 10:30:52 GMT

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame FB32 43 B
182 B 92ms
92ms Image
image/gif 2600:1f18:612b:4216:68f0:5178:951f:deb4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:68f0:5178:951f:deb4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame FB32 70 B
264 B 32ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame FB32
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&

0
98 B

15ms
15ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7CbcCFgMv64KgP9H6wgQv64KgP9H6wgUAAAAGBuIHHMNhDEeb1Yy2m0yWu-FwtVzsZrPhZLccroawMRzGcLRZzWi7yWS5Gw5Xw9lutlkNJpPlFCLI77A4LJeX2fI3m92awWANIGg6HT7XvV5l9vn9PrvS7Rf5HRaH5fIyW_5ms18OAAAAAA8AZQEhED-AAAARAAAAABIAAAAAFAEV_xYCFwAAAAAYAAjRSRoAUBwRZnnYvTbX5XRQuA1qh9PuDwCAhwcQAAABDBIAg4C4EoCXrdMTAAAAAAAAAACW_____5gB-udaGQKAnJgegAcfgAeiAtUiRgAAAADZQJcDR5M6obKoAgAgSLcCuAIACADUJ243DQMAAAgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJIhR9pQQq4Umq_gAAAa7-AAABs6gYA8BYAF3QErRgMVqcQu-FssJssJovZAQAAANz9____64HQcrfcuHa75Wa43ExWu81g4xntFjbbzGPZTCyr7YnrvZ9w2A4s90WQ32FxWC4vs-VvNrs1g8H8JmwxWk0mm-VwtlxMBsPRcDTa30AMFgOciMFyOZksJrvVaDXaDHej2WCBAjGYIEWLBpPVaDRZTIar0WQ1Wy52uw1StGo1G20Gw9VsMtvtVsPBcDka4YQtRqvJZLMczpaLyWA4Go5GQ4Sx0Wo5HE6Wa5nFZnOLNiaXWzhc2dyyycrjGO42htVouBa9PqbncDdcmCxeFAzY2IvgIp0oDWe_x60y-_x-n0Us0Zws0onssi8td8uNa7dbbobLzWS12ww2ntFuYbPNPJbNxLLa10ar5XA4Wa5lFpvNLdqYXG7hcGVzyyYrj2O42xhWo-Fa9PqYnsPdcGGy-Buz1Wa0G81Wi31jttqMdqPZarHv0Bm-q8_Z6CxnNR6dWOw6F4Y2h0HhMli8P4lpMe3ODqKT7-iUOTzKgs7ou3WPXoPCc_CYjtNbbWpeS0yj79J7MChiieB0kU5EL-PpIpZInhbpRGFYjZYj18y2WvgWHuNiYRo5nLvNZuIwuXwzz2oilihNF-lEL_I7LA7L5WW2_M1mi_qPDLLYzWWjuWK1mGtWCQAAAAAAAABgCXPmTQAAAABOg1luVsPVcgEi1L51gRCsY1U9nhR2Abol0BIgKqSLGz9mSMPZ73GrzD6_32dlgAiwVubNnglirVbLGgAAQAAbAAAggFs3bwFkkRw!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13082

Redirect headers

Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c04acbb6-dc15-11ec-9f5c-12c786060506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 140
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 3D75 337 KB
114 KB 59ms
10ms Script
application/x-javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v14.1.1/OvaMediaPlayer.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 8b27976767ef837d2f3c0e8d3c43e2821034cf59b38ea798ec8628f9144ee835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:30:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1653474652.dop003.fr8.t,1653474652.cds144.fr8.shn,1653474652.cds144.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 116268

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 3D75 25 KB
25 KB 50ms
8ms XHR
application/octet-stream 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1653474652441
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Wed, 25 May 2022 10:30:52 GMT
Last-Modified: Wed, 13 Apr 2022 15:20:32 GMT
ETag: "1649863232"
X-HW: 1653474652.dop222.fr8.t,1653474652.cds151.fr8.shn,1653474652.cds151.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://elgoog.im
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a49216b11bfb49986e515f69379c3f&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l03f2_7101619555105788901&gdpr=1&gdpr_consent=null
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null

70 B
264 B

30ms
30ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653474652760028-525
Expires: Wed, 25 May 2022 10:30:52 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 3D75 301 B
848 B 27ms
19ms XHR
text/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=12599937&loc=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept: application/xml, text/xml
Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Access-Control-Allow-Origin: https://elgoog.im
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 301
x-sticky-vk: 1653474652452050-560
Expires: Wed, 25 May 2022 10:30:52 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 3D75 67 B
0 94ms
85ms XHR
application/xml 184.30.21.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=12599937&_fw_gdpr=1&_fw_us_privacy=1---&schain=1.0%2C1!taboola.com%2C1141471%2C1%2C-1637197795&vav=6b1a5d7453e5f322832b386f6a957bb1&vaviv=480746c4da23e7bc09a286437d2c1f53&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.12.4.4&focus=true&percentViewable=100&componentId=vpaid-adapter&loc=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&playerSize=398x223&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.21.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-21-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://elgoog.im
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1653474652458056-523
Expires: Wed, 25 May 2022 10:30:52 GMT

POST
H2 204 bulk Show response
trc.taboola.com/iploc-elgoog/log/3/ 0
263 B 15ms
14ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/iploc-elgoog/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1653474653.555906,VS0,VE8
x-served-by: cache-hhn4032-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://elgoog.im
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent=&google_tc=

170 B
188 B

33ms
17ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent=&google_tc=

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=YTQ5MjE2YjExYmZiNDk5ODZlNTE1ZjY5Mzc5YzNm&gdpr=0&gdpr_consent=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=a49216b11bfb49986e515f69379c3f&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

401ms
101ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=a49216b11bfb49986e515f69379c3f&ex=freewheel.tv&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2GMGK95E6GJW2T9VFM2X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 10:30:52 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=a49216b11bfb49986e515f69379c3f&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1653474652524019-514
Expires: Wed, 25 May 2022 10:30:52 GMT

POST
H2 204 visible Show response
trc.taboola.com/iploc-elgoog/log/3/ 0
60 B 16ms
15ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/iploc-elgoog/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1653474653.565058,VS0,VE9
x-served-by: cache-hhn4032-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://elgoog.im
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

POST
H2 204 visible Show response
trc.taboola.com/iploc-elgoog/log/3/ 0
61 B 18ms
17ms XHR
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/iploc-elgoog/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 11
pragma: no-cache
date: Wed, 25 May 2022 10:30:52 GMT
via: 1.1 varnish
server: nginx
x-timer: S1653474653.568742,VS0,VE11
x-served-by: cache-hhn4032-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://elgoog.im
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
762 B 13ms
12ms Image
image/png 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 11625
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: yeuhtSaIHTRzn5Sb/BhoRbmorY6jlIGKTN3jBjNJ2gjscig6jQv3GZOmCUvDSqzUCzHWH69H00k=
x-served-by: cache-hhn4032-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1653474653.584195,VS0,VE0
date: Wed, 25 May 2022 10:30:52 GMT
x-amz-request-id: DM4PBFJ9QH08DD7N
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 89
x-cache-hits: 3615

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20220524-4-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-amz-version-id: Q93sCEWoqxiO0LdTLulEOAOmIgRcHF1L
content-encoding: gzip
etag: "8cbcf8a5c724c32aa9be09d14a4c624d"
age: 1410
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 923
x-amz-id-2: eBvA3Cn7Vmi0RQPvR7kaz9zs14aMYgzx2uA7jWWQOie8bh08mSXjXMH6nljkG1Q4xYusyg4kNp0=
x-served-by: cache-hhn4032-HHN
last-modified: Tue, 05 Apr 2022 10:34:30 GMT
server: AmazonS3
x-timer: S1653474654.540631,VS0,VE0
date: Wed, 25 May 2022 10:30:53 GMT
vary: Accept-Encoding
x-amz-request-id: 81KT1GAWAE081RQZ
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 89
x-cache-hits: 2210

GET
H2 200 / Show response
pips.taboola.com/ 4 B
117 B 11ms
6ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:53 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn4062-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://elgoog.im
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 300ms
93ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=64598829-fbff-4cde-88ef-62ec187c0548-tuct9878adb
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 25 May 2022 10:30:53 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 61ms
13ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: elgoog.im
URL: https://elgoog.im/assets/js/main.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 25 May 2022 10:30:56 GMT
x-host: s7.addthis.com
content-length: 116419

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 85ms
26ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:56 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=35880
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5adc4100e40b3cfe/ 2 KB
802 B 68ms
67ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5adc4100e40b3cfe/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 34a74a36d62cecaa04cb75c0f8ad5f892a6e878356a70c88d4667a6560ed25f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:30:56 GMT
content-encoding: gzip
etag: 749136666--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=24, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 626

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 266ms
151ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=628e05604ba7eaf6&bkl=0&bl=1&pdt=5376&sid=628e05604ba7eaf6&pub=ra-5adc4100e40b3cfe&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=elgoog.im&fp=doabarrelroll%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1653474656193&jsl=1&uvs=628e056085fef299000&skipb=1&callback=addthis.cbs.jsonp__060167857335501560
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd2f8a89330326188ff540d86447a04747eff4adc7741a60ef412253fa77b2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 10:30:56 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3079 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame B978 71 KB
26 KB 35ms
35ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://elgoog.im/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Wed, 25 May 2022 10:30:56 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 18ms
18ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 25 May 2022 10:30:56 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

POST
H2 200 shares-post.json Show response
api-public.addthis.com/url/serviceapi/ 2 B
256 B 28ms
12ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
surrogate-key: sFbt=https://elgoog.im/doabarrelroll/
last-modified: Wed, 25 May 2022 10:00:00 GMT
server: nginx/1.15.8
date: Wed, 25 May 2022 10:30:56 GMT
content-type: application/json
access-control-allow-origin: https://elgoog.im
cache-control: no-transform, max-age=0, s-maxage=14400
access-control-allow-credentials: true
content-length: 2

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
290 B 377ms
362ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&callback=_ate.cbs.rcb_ch5v0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

587051289ae4d95fe57e843bab7416bdd9f27182da4cd9cac5511db4a9d157f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: elgoog.im/doabarrelroll/
last-modified: Wed, 25 May 2022 10:30:56 GMT
server: nginx/1.15.8
date: Wed, 25 May 2022 10:30:56 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

GET
H2 200 shares.json Show response
api-public.addthis.com/url/ 36 B
290 B 193ms
178ms Script
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Felgoog.im%2Fdoabarrelroll%2F&callback=_ate.cbs.rcb_h74m0

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

b025c4e1ecb12e1801b1ad1a12bc86fca869d1772685cf60a88b7ef4a86f965c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://elgoog.im/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
surrogate-key: elgoog.im/doabarrelroll/
last-modified: Wed, 25 May 2022 10:30:56 GMT
server: nginx/1.15.8
date: Wed, 25 May 2022 10:30:56 GMT
vary: Accept-Encoding
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
content-length: 56

POST
H2 200 OpportunityServlet
am-vid-events.taboola.com/ 1 B
115 B 16ms
16ms Ping
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/31_8_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://elgoog.im/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://elgoog.im
date: Wed, 25 May 2022 10:30:57 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.elgoog.im/	1970-01-20 20:49:06	Name: _ga Value: GA1.2.631957869.1653474651
.elgoog.im/	1970-01-20 03:19:21	Name: _gid Value: GA1.2.943325503.1653474651
.elgoog.im/	1970-01-20 03:17:54	Name: _gat Value: 1
.scorecardresearch.com/	1970-01-20 20:34:42	Name: UID Value: 1A166b9516e1d5f0d2b48c51653474651
elgoog.im/	1970-01-20 12:03:30	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D64598829-fbff-4cde-88ef-62ec187c0548-tuct9878adb
.spotxchange.com/	1970-01-20 12:03:34	Name: audience Value: c04acbb6-dc15-11ec-9f5c-12c786060506
ads.stickyadstv.com/	1970-01-20 04:01:06	Name: UID Value: a49216b11bfb49986e515f69379c3f
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: bc7725989e3dc3fd58e538fb3fdc5b6
ads.stickyadstv.com/	1970-01-20 04:44:18	Name: uid-bp-159 Value: 1
ads.stickyadstv.com/	1970-01-20 03:38:04	Name: uid-bp-30833 Value: 1
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: pxId Value: 1425
.doubleclick.net/	1970-01-20 03:17:55	Name: test_cookie Value: CheckForPermission
.fwmrm.net/	1970-01-20 07:37:06	Name: _uid Value: "l03f2_7101619555105788901"
ads.stickyadstv.com/	1970-01-20 04:44:18	Name: uid-bp-36033 Value: l03f2_7101619555105788901
ads.stickyadstv.com/	1970-01-20 04:44:18	Name: MRM_UID Value: l03f2_7101619555105788901
elgoog.im/	1970-01-20 12:48:09	Name: __atuvc Value: 1%7C21
elgoog.im/	1970-01-20 03:17:56	Name: __atuvs Value: 628e056085fef299000
.addthis.com/	1970-01-20 12:48:09	Name: uvc Value: 1%7C21
.addthis.com/	1970-01-20 12:48:09	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
1f2e7.v.fwmrm.net
ads.stickyadstv.com
am-match.taboola.com
am-vid-events.taboola.com
api-public.addthis.com
cdn.jsdelivr.net
cdn.stickyadstv.com
cdn.taboola.com
cds.taboola.com
cm.g.doubleclick.net
elgoog.im
fonts.googleapis.com
fonts.gstatic.com
images.taboola.com
imprammp.taboola.com
m.addthis.com
match.adsrvr.org
pips.taboola.com
s.amazon-adsystem.com
s7.addthis.com
sb.scorecardresearch.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
trc.taboola.com
v1.addthisedge.com
vidstat.taboola.com
wf.taboola.com
www.google-analytics.com
www.google.com
www.google.de
z.moatads.com
s7.addthis.com
104.75.88.126
141.226.224.32
141.226.228.48
151.101.193.44
151.101.65.44
18.134.84.20
184.30.21.112
185.94.180.126
2001:4de0:ac19::1:b:2b
216.58.212.130
23.35.237.151
2600:1f18:612b:4216:68f0:5178:951f:deb4
2606:4700::6810:5814
2606:4700:e6::ac40:c71d
2a00:1450:4001:802::200a
2a00:1450:4001:803::2003
2a00:1450:4001:811::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c04::9d
52.223.40.198
52.46.130.91
99.86.4.2
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07b825de47aba3c06f0193a05591ef370ba361c9080952cb7e9be1963cede860
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
14166eabe44d946655052e3491bf6db12dcd22a7a9bbbb98e69e2d65c6ed3108
1596a6a93efa761021728a9a9bcfaf993547696023ed0b28042bae0fa10cf1b9
1942220c39ba3ba7d5c78e1630b26733e1dd36266ed776b37d4b26378c6fa776
194c18a2b5dd01fb3f988112f03fdba314ad5f0051ecb8b2fbc652b7e7e46438
1a1acb9801268e6573fb232fdc4d88d39bf4ef436ec01de3f974be286ba93e64
1ac255568412b3bb19f22a535c538809e104eaf0dae0d7b0668794143bdfd66c
20cf7ac50f00a7fb6c4d95efbece2323a88e42350edf3ae59ae52937c9ef47d8
21189d1be801401ec412b1f3166bf0e4638b4102eb4ac329f3d72badda2dea2a
2501206bc2dd1946397e5af73148a1068f4eed77f5a85ffd37f500c8bad192ee
282ad7442bfbd24851ca280296c78161dd968d124d0b1c1b750d26092f8a5c80
2ed0dab6394966fd41ab1ed7a747f4641704f72210a354633604893eacb067b4
34a74a36d62cecaa04cb75c0f8ad5f892a6e878356a70c88d4667a6560ed25f8
380c8dd7c2b23d5b7572ed28bb68013004e8b81fd50a43c631475afb9760f5c8
383e2e78b469b28d9c6d0aaf59e5e0572019748b9e5c75a856efcfba87ed573f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
556d7e04634efda779d9deaab33a5f47614b9901fc5e04a1e4ae88b537a84b2c
587051289ae4d95fe57e843bab7416bdd9f27182da4cd9cac5511db4a9d157f6
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63f6942125ba71554329b49bcaa6880a14753cd6dbf0c965f191fa24c7276128
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
64ee48a75bba910ae3cce2195af0632d1da35293feb07171200d0f2e5a5883a2
6606820cd1f14794d1948eccd87b7f626f51ea909807624e0db931469e1ad522
70efe208587aa0220cbd71b13870394c06f90930540cbdfb677b1af997023bac
775b0234c08a7a1f56f0853af32a314ed4d082fdc778d1dde0754edec2740389
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
83e3bff4dcaa29f460fc8e9a74624323e8432c669498dd864d71cf790178c724
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86380b40e3d14ed9f3e0a5ff79c04f510d7910f677a66685e2b10f8b8765797f
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
8b27976767ef837d2f3c0e8d3c43e2821034cf59b38ea798ec8628f9144ee835
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e131c4c8d335ea14dd0a192e0d1c73cf41c4ea34721e404f1687e5bc26991f6
9322135fa5f95c6de37d32ba5994c36161a034c936f23ab48772946d28e83790
94d3fa9875f065ed5a22df95b4abc0339575e7181451b960015d16e19b83d741
99dabe65674ff08d597950906f728de2e90f42a8f701f998612e29e2326cf98f
9b4cba453d787dc3db40d32cdff6d14dec5b34bf969f5a2b96873c4fd7cd5601
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
9ff31f9b277062c2bffd781a2343ae0ee0b7e1e69bc5f91297e6bd991fc6bb27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
aba17cad8beff1ee02d9d2d10fc8be8f6cd39ac34a8bdca22a79c230ed1fe351
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
acf14e0a13c96e5c7c99efd6422b00c9359431ad7de82a1ef6fcb6e87c5815f2
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b025c4e1ecb12e1801b1ad1a12bc86fca869d1772685cf60a88b7ef4a86f965c
b114805b2dfabc02b1aea38b4860aa5810faa819c60fb3ed45aeb8acf638889b
b1bc3363072ad0b31886ece1320b931e252099034ec75c8d136bb49494567c2c
b77ef1839b834413a8c7b2495d214e6224cdc662ee4ee2d9e06f13972a0b5f28
bceb73993d094c4c821c7571921103bdc8c05e9082c4fc513d244358d53593db
bf379abafd24c9a794e884287fba6ee4de1ec2350ac3f9dae9adb84750a8cd68
c1c5c4652853e94c755f5306c8a3256b6791e58515b8f76a0432d86f4dc44a46
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
cb0587cabae102e498ef4a2d70669bdab0408be646988f88aa3f324e6b501cd3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d334796ed24f1592e5514975e6ae4a0b32ba830f7de8ac19b8666e0ffb61106b
dd2f8a89330326188ff540d86447a04747eff4adc7741a60ef412253fa77b2a2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e28ea584ef3058661eae8cb0ab30bfbf4d7a374487f0744233e9742f7da48b08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f8228a2ee49a5f43913d746181b1687f93a3abe9d5bb2bc4e259a5256daa46
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f4cfdf85a96564a4c8631329a80bda1c0cae8eb79ee9302b713f14bb534f8199
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fac8cd4087fee5f9200327d7517f5d78593dfb1c596ba74f949d3ba0b9bc279e
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

elgoog.im Open in urlscan Pro 2606:4700:e6::ac40:c71d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

90 %HTTPS

43 %IPv6

19 Domains

34 Subdomains

22 IPs

5 Countries

1107 kBTransfer

3908 kBSize

19 Cookies

10 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

elgoog.im Open in urlscan Pro
2606:4700:e6::ac40:c71d Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

90 %
HTTPS

43 %
IPv6

19
Domains

34
Subdomains

22
IPs

5
Countries

1107 kB
Transfer

3908 kB
Size

19
Cookies

96 HTTP transactions
0 data transactions