diendan.clbmarketing.com Open in urlscan Pro
103.83.156.4 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clbmarketing.com/dien-dan/members/granddaughterblanket.209586/
Effective URL:
https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
Submission: On February 01 via manual (February 1st 2024, 12:02:30 pm UTC) from VN — Scanned from CH

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 49 HTTP transactions. The main IP is 103.83.156.4, located in Singapore and belongs to CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG. The main domain is diendan.clbmarketing.com.
TLS certificate: Issued by R3 on December 29th 2023. Valid for: 3 months.

This is the only time diendan.clbmarketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	103.83.156.4 103.83.156.4	17831 (CENTERHOP...) (CENTERHOP-SG 8 Burn Road# 15-13)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
49	7

22 103.83.156.4 (Singapore) 1 redirects

ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG)
PTR: share01.centerhop.com

clbmarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
diendan.clbmarketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	clbmarketing.com 1 redirects clbmarketing.com diendan.clbmarketing.com	959 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143 www.google.com — Cisco Umbrella Rank: 2	71 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	258 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	12 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	260 B
49	5

	Domain	Requested by
21	diendan.clbmarketing.com	diendan.clbmarketing.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	diendan.clbmarketing.com pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	diendan.clbmarketing.com
1	clbmarketing.com	1 redirects
49	8

This site contains links to these domains. Also see Links.

Domain
clbmarketing.com

Subject Issuer	Validity	Valid
diendan.clbmarketing.com R3	`2023-12-29` - `2024-03-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
Frame ID: FCF226766404477EEB622CB2459CDBD7
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html
Frame ID: 6669E9491C2E1593A33B76E2ADA3D4DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&adk=85976724&adf=3412083302&lmt=1706788941&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788945469&bpp=3&bdt=840&idt=210&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6496542802207&frm=20&pv=2&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221
Frame ID: 78556EAEE5E1F76FE8C92F08C7149DE9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&slotname=5029576301&adk=2205993315&adf=3044487438&pi=t.ma~as.5029576301&w=0&fwrn=4&fwrnh=100&lmt=1706788941&rafmt=12&format=0xnull&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788945472&bpp=1&bdt=843&idt=223&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6496542802207&frm=20&pv=1&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEr%7C&abl=CS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226
Frame ID: C509756B0D652A1135D358E446F0D521
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3619117776081563&output=html&h=280&adk=1210504359&adf=4254417425&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706788941&rafmt=1&to=qs&pwprc=5209607554&format=1200x280&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788946165&bpp=1&bdt=1535&idt=1&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D244af501d13c796f%3AT%3D1706788945%3ART%3D1706788945%3AS%3DALNI_Mb4go6h21Ra7zT-8fMHo8t6G9AjGQ&gpic=UID%3D00000d4dd971c274%3AT%3D1706788945%3ART%3D1706788945%3AS%3DALNI_MbiC299X5lRYVHXFRZexCAtwmdwnQ&eo_id_str=ID%3D80ab034a96516133%3AT%3D1706788945%3ART%3D1706788945%3AS%3DAA-AfjYIDGlmLs0e-94-KTC79Ef-&prev_fmts=0x0%2C0xnull&nras=2&correlator=6496542802207&frm=20&pv=1&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=143
Frame ID: 301598C5938BDED478CBB454FDFF4B86
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C247EA7E4AF76CF0E4F88E5111F3567
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8B2F2788ACC419BB8A629665B5418B3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

granddaughterblanket | Diễn đàn Marketing (thảo luận, chia sẻ, hỏi đáp)

Page URL History Show full URLs

https://clbmarketing.com/dien-dan/members/granddaughterblanket.209586/ HTTP 301
https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Page URL

Detected technologies

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

1300 kB
Transfer

2705 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://clbmarketing.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clbmarketing.com/dien-dan/members/granddaughterblanket.209586/ HTTP 301
https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
diendan.clbmarketing.com/members/granddaughterblanket.209586/
Redirect Chain

https://clbmarketing.com/dien-dan/members/granddaughterblanket.209586/
https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

43 KB
13 KB

688ms
325ms

Document
text/html

103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed / PHP/8.1.22

Resource Hash

890fd9f94c6980c0dacb49d0ac6b38da93e92e33ffd99cda948e94193e1ab41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private, no-cache, max-age=0
content-encoding: gzip
content-length: 13170
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 12:02:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 01 Feb 2024 12:02:21 GMT
onsuccess: unset X-Content-Type-Options
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.22

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: private, no-cache, max-age=0
content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 01 Feb 2024 12:02:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 01 Feb 2024 12:02:21 GMT
location: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
onsuccess: unset X-Content-Type-Options
server: LiteSpeed
vary: User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.22

GET
H2 200 fa-light-300.woff2
diendan.clbmarketing.com/styles/fonts/fa/ 180 KB
180 KB 164ms
163ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/fonts/fa/fa-light-300.woff2?_v=5.15.3

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 184144
expires: Thu, 08 Feb 2024 12:02:21 GMT

GET
H2 200 fa-solid-900.woff2
diendan.clbmarketing.com/styles/fonts/fa/ 134 KB
134 KB 652ms
651ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.3

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 136824
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H2 200 fa-brands-400.woff2
diendan.clbmarketing.com/styles/fonts/fa/ 75 KB
75 KB 655ms
654ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.3

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 76740
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H2 200 css.php
diendan.clbmarketing.com/ 402 KB
86 KB 328ms
327ms Stylesheet
text/css 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed / PHP/8.1.22

Resource Hash

7ce8d26aabf34b87940bc532c457b1bc59e8d61824f4ea7535419ea75676b0a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 02:51:09 GMT
server: LiteSpeed
x-powered-by: PHP/8.1.22
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=31536000
content-length: 87551
expires: Fri, 31 Jan 2025 12:02:21 GMT

GET
H2 200 css.php
diendan.clbmarketing.com/ 7 KB
2 KB 328ms
327ms Stylesheet
text/css 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/css.php?css=public%3Amember.less%2Cpublic%3Anotices.less%2Cpublic%3Aextra.less&s=20&l=3&d=1705632669&k=a95614810b0aa034317be3c90a06b24696ec6248

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed / PHP/8.1.22

Resource Hash

c8bba43e6dd09d2c5e0e1d4e878ca177eb9ed18a9800285f21cf1d81008b29c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 02:51:09 GMT
server: LiteSpeed
x-powered-by: PHP/8.1.22
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=utf-8
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=31536000
content-length: 2038
expires: Fri, 31 Jan 2025 12:02:21 GMT

GET
H2 200 preamble.min.js Show response
diendan.clbmarketing.com/js/xf/ 4 KB
2 KB 659ms
658ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/xf/preamble.min.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1567
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 gtm.js Show response
diendan.clbmarketing.com/jc/ 264 KB
91 KB 687ms
686ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/jc/gtm.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed / PHP/8.1.22

Resource Hash

23c51c80b01c27d60113b62bd73b85e80bae2584c93c5558ee81a7cfeb06e4a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 01 Feb 2024 12:02:22 GMT
server: LiteSpeed
x-powered-by: PHP/8.1.22
x-frame-options: SAMEORIGIN
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=31536000
expires: Sat, 02 Mar 2024 12:02:22 GMT

GET
H3 200 logo_131x60.png
diendan.clbmarketing.com/data/assets/logo/ 3 KB
3 KB 325ms
325ms Image
image/png 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diendan.clbmarketing.com/data/assets/logo/logo_131x60.png

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

169bb31b432f4d2fe2edf2c11f842887024125fe199ca7a8ed475e740859d5cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Jan 2024 02:36:03 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3059
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
51 KB 123ms
73ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619117776081563

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4c7614ff5a3b7c4125abf769ce78b4ee24b5dd7fe860d179ddd421ad6ac39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52016
x-xss-protection: 0
server: cafe
etag: 16458135453846511013
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 01 Feb 2024 12:02:25 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
diendan.clbmarketing.com/js/vendor/jquery/ 87 KB
30 KB 814ms
813ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/vendor/jquery/jquery-3.5.1.min.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:29 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30280
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H2 200 vendor-compiled.js Show response
diendan.clbmarketing.com/js/vendor/ 43 KB
12 KB 816ms
816ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/vendor/vendor-compiled.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:31 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12298
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 core-compiled.js Show response
diendan.clbmarketing.com/js/xf/ 211 KB
58 KB 160ms
159ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/xf/core-compiled.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 59547
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 inline_mod.min.js Show response
diendan.clbmarketing.com/js/xf/ 6 KB
2 KB 682ms
681ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/xf/inline_mod.min.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

50dd71cf1cba64856357e62f4999a34c5b7952632efbe186ed3195ce4792612e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:27 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2123
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 notice.min.js Show response
diendan.clbmarketing.com/js/xf/ 4 KB
1 KB 683ms
682ms Script
application/javascript 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/js/xf/notice.min.js?_v=1da989c0

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:28 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1408
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 topright.svg
diendan.clbmarketing.com/styles/turbo/img/ 1 KB
798 B 671ms
671ms Image
image/svg+xml 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diendan.clbmarketing.com/styles/turbo/img/topright.svg

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 02:35:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 738
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 bottomright.svg
diendan.clbmarketing.com/styles/turbo/img/ 1 KB
758 B 748ms
748ms Image
image/svg+xml 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diendan.clbmarketing.com/styles/turbo/img/bottomright.svg

Requested by

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 02:35:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 738
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 footer-city.png
diendan.clbmarketing.com/styles/turbo/img/ 15 KB
15 KB 747ms
747ms Image
image/png 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diendan.clbmarketing.com/styles/turbo/img/footer-city.png

Requested by

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

72bf496f15b29c8e002f7d525dbc784606d871241d05a28b37792d4a710d4b3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 02:35:42 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15433
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 ProximaSoft-Regular.woff2
diendan.clbmarketing.com/styles/turbo/font/ 41 KB
41 KB 327ms
326ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/turbo/font/ProximaSoft-Regular.woff2

Requested by

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

6e8ee6996fb3309039f67043a7075390ba0fa4154cda8dfc866fac473fc17abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 02:35:42 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42200
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 fa-regular-400.woff2
diendan.clbmarketing.com/styles/fonts/fa/ 165 KB
165 KB 397ms
397ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.3

Requested by

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 04 Jan 2024 08:34:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 168768
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 ProximaSoft-Bold.woff2
diendan.clbmarketing.com/styles/turbo/font/ 42 KB
42 KB 642ms
642ms Font
font/woff2 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to

Full URL

https://diendan.clbmarketing.com/styles/turbo/font/ProximaSoft-Bold.woff2

Requested by

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

0a1ff215c6cfc0cc869f4d905aa6c5d55e237996ec92bb47169d7f6bb4ec7dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://diendan.clbmarketing.com/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Aturbofont.css&s=20&l=3&d=1705632669&k=dc54fd2f1ade9698f63d6f88568bb330be8645ac
Origin: https://diendan.clbmarketing.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 02:35:42 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42560
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 209586.jpg
diendan.clbmarketing.com/data/avatars/l/209/ 5 KB
5 KB 736ms
736ms Image
image/jpeg 103.83.156.4
CENTERHOP-SG 8 Bu...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://diendan.clbmarketing.com/data/avatars/l/209/209586.jpg?1662969686

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , CHACHA20_POLY1305

Server

103.83.156.4 , Singapore, ASN17831 (CENTERHOP-SG 8 Burn Road# 15-13, Trivex, SG),

Reverse DNS

share01.centerhop.com

Software

LiteSpeed /

Resource Hash

b670f9aeea5a5e73057788cc0f679e9c0e08c292f59b6303f332409f623c1636

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Sep 2022 08:01:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
onsuccess: unset X-Content-Type-Options
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4969
expires: Thu, 08 Feb 2024 12:02:22 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 406 KB
138 KB 126ms
83ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619117776081563

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97eea83cc23e7cc5a73de631c9e363c1bbc55dcfa7987df96ac407b56f653ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140857
x-xss-protection: 0
server: cafe
etag: 6185051429663137118
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 12:02:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/ Frame 6669 9 KB
5 KB 71ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3619117776081563

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 65402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 31 Jan 2024 17:52:23 GMT
etag: 3890843268177463596
expires: Wed, 14 Feb 2024 17:52:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7855 34 KB
6 KB 443ms
442ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&adk=85976724&adf=3412083302&lmt=1706788941&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788945469&bpp=3&bdt=840&idt=210&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6496542802207&frm=20&pv=2&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=221

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82f285b2c14d92a456948fa41311837991b5151584ed6c36839460814db10ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 6393
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 12:02:26 GMT
expires: Thu, 01 Feb 2024 12:02:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C509 862 B
576 B 443ms
442ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3619117776081563&output=html&slotname=5029576301&adk=2205993315&adf=3044487438&pi=t.ma~as.5029576301&w=0&fwrn=4&fwrnh=100&lmt=1706788941&rafmt=12&format=0xnull&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788945472&bpp=1&bdt=843&idt=223&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6496542802207&frm=20&pv=1&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=310&ady=144&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CoeEr%7C&abl=CS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=226

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b140368c13edc6f0a6f64345a471f71c9ac1c0b4b73ff4503242e7d046ab4768

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 12:02:26 GMT
expires: Thu, 01 Feb 2024 12:02:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
260 B 77ms
28ms Ping
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HW917LH537&gtm=45je41v0v878352579&_p=1706788945298&gcd=11l1l1l1l1&npa=0&dma=0&cid=1697143224.1706788946&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706788946&sct=1&seg=0&dl=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&dt=granddaughterblanket%20%7C%20Di%E1%BB%85n%20%C4%91%C3%A0n%20Marketing%20(th%E1%BA%A3o%20lu%E1%BA%ADn%2C%20chia%20s%E1%BA%BB%2C%20h%E1%BB%8Fi%20%C4%91%C3%A1p)&en=page_view&_fv=1&_ss=1&_ee=1&epn.style_id=20&tfd=2724
Requested by: Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/jc/gtm.js?_v=1da989c0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 12:02:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://diendan.clbmarketing.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-3619117776081563 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 107ms
50ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3619117776081563?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4182ef2c435f0a738bd618db4348d9307e90988342a4eed658c8d2e8fd960511

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JudhuQedrbUdeEpeEiFS5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-JudhuQedrbUdeEpeEiFS5g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsOoxSXFEKAhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxCJy51llgFiIm-PShHdr2QQ2LH9RAACCvVmd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 167ms
167ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&hl=vi&pvc=2926760932793968

Requested by

Host: diendan.clbmarketing.com
URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Feb 2024 12:02:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3015 436 B
236 B 461ms
461ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3619117776081563&output=html&h=280&adk=1210504359&adf=4254417425&pi=t.aa~a.3822907434~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1706788941&rafmt=1&to=qs&pwprc=5209607554&format=1200x280&url=https%3A%2F%2Fdiendan.clbmarketing.com%2Fmembers%2Fgranddaughterblanket.209586%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706788946165&bpp=1&bdt=1535&idt=1&shv=r20240129&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D244af501d13c796f%3AT%3D1706788945%3ART%3D1706788945%3AS%3DALNI_Mb4go6h21Ra7zT-8fMHo8t6G9AjGQ&gpic=UID%3D00000d4dd971c274%3AT%3D1706788945%3ART%3D1706788945%3AS%3DALNI_MbiC299X5lRYVHXFRZexCAtwmdwnQ&eo_id_str=ID%3D80ab034a96516133%3AT%3D1706788945%3ART%3D1706788945%3AS%3DAA-AfjYIDGlmLs0e-94-KTC79Ef-&prev_fmts=0x0%2C0xnull&nras=2&correlator=6496542802207&frm=20&pv=1&ga_vid=1697143224.1706788946&ga_sid=1706788946&ga_hid=64019822&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95321957%2C95321252%2C95323007&oid=2&pvsid=2926760932793968&tmod=1181691248&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a4e9e6f7b19b26e51d9bee030b4cefc1c01b78c3145da0b37c147a44a8adfbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 12:02:26 GMT
expires: Thu, 01 Feb 2024 12:02:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxVOZWpiORGKeG9SGCF5pKSD5dNgNK1DeePO8gBXtD0qAnx7tx06LLOADeTlnkiCnqq-1UrSnfTsUJIbEnR2i2qynyd_bA6uyT1QGh1gQaDrFwrCb2FAPzNbtWuD_lbpSjQJuqClWw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVOZWpiORGKeG9SGCF5pKSD5dNgNK1DeePO8gBXtD0qAnx7tx06LLOADeTlnkiCnqq-1UrSnfTsUJIbEnR2i2qynyd_bA6uyT1QGh1gQaDrFwrCb2FAPzNbtWuD_lbpSjQJuqClWw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzg4OTQ2LDMxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9kaWVuZGFuLmNsYm1hcmtldGluZy5jb20vbWVtYmVycy9ncmFuZGRhdWdodGVyYmxhbmtldC4yMDk1ODYvIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZGUiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMydysWSwbIpNQ8XJtR_bqujs8v2Qw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83021c89eef39d96f233c740eabc921fe0edf11a7279f70f76286fd83c634aeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eA437mU7xFzJihgt0I4QTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-eA437mU7xFzJihgt0I4QTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsOoxSXFEKQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxMJy51mlgViIh-PShHdr2QRmzLqwhBEA3WBZlg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUI1yTz-IPUJdrOnCFe7WuzM1deKFNVpc2235qPa9akI8UnuIMcgfjKeV0tdiOxumhBe1kYUxb32ElPN9kKZuY2XnOc-y_iOj8Q3FKmFlF6wjKJUCwjYF4ocgg9k0Sf9RR8EHTgNg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUI1yTz-IPUJdrOnCFe7WuzM1deKFNVpc2235qPa9akI8UnuIMcgfjKeV0tdiOxumhBe1kYUxb32ElPN9kKZuY2XnOc-y_iOj8Q3FKmFlF6wjKJUCwjYF4ocgg9k0Sf9RR8EHTgNg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzg4OTQ2LDM2NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImRlIl0sImh0dHBzOi8vZGllbmRhbi5jbGJtYXJrZXRpbmcuY29tL21lbWJlcnMvZ3JhbmRkYXVnaHRlcmJsYW5rZXQuMjA5NTg2LyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

548b34f24a947c517e88d29feda91ad3d15edfaf27360650a7be135e0956159b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DPq10PZdUBFXRQE9wkVIGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DPq10PZdUBFXRQE9wkVIGQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjOsKoxSXF4KghxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5k4vr5kkgBiNSB-J_mK6RsQ7_DxYHkTPp2VLQKIK6az8gFxXN101hwg5ls3nVVz_XTWLWems-4B4pjn01lTgHgx6wzW1UA8JXAG6xwgbomewToJiJ3SZ7AGAPHnzBmsv4HYp34GaxQQl90-x1oHxEI8HJcmvFvLJnDh_L_djAAYtlgd"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
66ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240129&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7ecf38b50b989c02e2f8f078b995124ed14453d9ca3a5cc04a8556808844a8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12061
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 85ms
35ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 12:02:26 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C24 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 11:57:32 GMT
expires: Fri, 31 Jan 2025 11:57:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8B2F 829 B
1 KB 80ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e16b069c1eb1cef530c2458bac67994496c223cb4de9e7dd7b216ecac5c14135

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZVGUcsebIkAAqut4hIkX0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://diendan.clbmarketing.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZVGUcsebIkAAqut4hIkX0Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 12:02:27 GMT
expires: Thu, 01 Feb 2024 12:02:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C24 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:20:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 09:20:36 GMT

GET
H3 200 ads-sidebar- Show response
fundingchoicesmessages.google.com/f/AGSKWxUhuc79pOdhVw9XdfD43lyacGf4ZaW6AraiWXmy-6tKdZ5BkRglElzO9pSgHb12R4PSXdkgQCQ4tvygaW9KFiV2ibSQqRE2IBW87QXRr8oKkjSmHDpdHp3OqlObKEYzEPK7-iuA0xGGMQo88bxJRVFt_6XaT... 54 B
110 B 35ms
35ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUhuc79pOdhVw9XdfD43lyacGf4ZaW6AraiWXmy-6tKdZ5BkRglElzO9pSgHb12R4PSXdkgQCQ4tvygaW9KFiV2ibSQqRE2IBW87QXRr8oKkjSmHDpdHp3OqlObKEYzEPK7-iuA0xGGMQo88bxJRVFt_6XaTmih8BMbPh6MBpVPJPpmKYoshv_ZgOLw/_/adunix./eas_fif._160x290._widget_ad./ads-sidebar-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMx30KSgFiR5BFnNJbpBGjmlO4oozg/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ccf769166c42d13a74f70bf30b180ca4c9cec017524b62f8ea3e4c9b7c7b832b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KNgHeCi39tBKvWrBXsIonQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-KNgHeCi39tBKvWrBXsIonQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNwzsIQWEYBuDjyyeXkkyYJUxGswwGAxMhk5IYTLJgYZfU_w82o7AYDEajSAaJwYCDdBaXhcH71GOe6_xmlxL2upRV6EBbXLvPtMOacqEWHhMXumLAq1IQy0WVqqj7XcmE2utGxveNHOhBzXmnD06jEf0jIdiQxKpgK2brgktoHQn2jQVPFoJnmFEF57DPkgfYjUvuYTMtuYOhvOQYPguSvxhtSE5hZb_kOtotxk1bGxps7VPP9gfAv1bn"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 86 KB
30 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cb00582f66db2a752a204b662cc0860a94d2cd945eacdad5778abe7414ac5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 11:33:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1733
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31168
x-xss-protection: 0
server: cafe
etag: 14589227577193608053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Feb 2024 12:33:34 GMT

POST
H3 204 AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 79ms
36ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VZGODPPe48KyVzlSs7VJkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-VZGODPPe48KyVzlSs7VJkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWFjuPKs0EAtxc1ye8G4tm8CFm_NVAcrTIl8"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://diendan.clbmarketing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8B2F 0
0 167ms
167ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240129&jk=2926760932793968&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C24 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?2qkmeA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 48ms
35ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BYw4e9hTokkAdNBaNmVqnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BYw4e9hTokkAdNBaNmVqnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj8tHikmLw15BiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWETuPKsMEAtxc1ye8G4tm8CMLb9UAMoKIl0"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://diendan.clbmarketing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 41ms
34ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hhWrsZTYpNF1m7QwKpF_iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-hhWrsZTYpNF1m7QwKpF_iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4_KEd2vZBH68alcFAM8IIGM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://diendan.clbmarketing.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 53ms
47ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PwgDj_2mpeBN4jn9vyFM6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PwgDj_2mpeBN4jn9vyFM6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4_KEd2vZBDasf64FAM7jIEg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://diendan.clbmarketing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWlmYMx6q4bTR_FP-oROcd8iy2gz_Gefp8LBr1NTz18YcwlYcSaKhlzvMzykRGn67B9Gh9hHxGC6aq1MXoXYe3iy4qDrLoZGXk-oPD06vfo3FMZdqFrP_EbKBoM3LHkWQoh3iINew== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWlmYMx6q4bTR_FP-oROcd8iy2gz_Gefp8LBr1NTz18YcwlYcSaKhlzvMzykRGn67B9Gh9hHxGC6aq1MXoXYe3iy4qDrLoZGXk-oPD06vfo3FMZdqFrP_EbKBoM3LHkWQoh3iINew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2Nzg4OTQ3LDU1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5LDZdLG51bGwsMixudWxsLCJkZSIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2RpZW5kYW4uY2xibWFya2V0aW5nLmNvbS9tZW1iZXJzL2dyYW5kZGF1Z2h0ZXJibGFua2V0LjIwOTU4Ni8iLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c0d292dc728990d9217570236a6ea341449471af5dbe0b7af8247f665e29721

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5xaoAfVR8X-a-yPQw_IVuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: script-src 'report-sample' 'nonce-5xaoAfVR8X-a-yPQw_IVuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNwy2MgXEcB_DHb37mZTOTkO2GJKokQSAxTLrtZgTppqDQzWz_fxBsoqEIgiBeMC8TOC4oPJg9xUs5wfezfcxTnc_sUoIel_Kz3dEC56E_WuPSfaBfLClHquE-fqQT-j0qBbCQU6mIuteJTKjdz2R8nMmBH6g5L_TEUSSsv8YFGxJYFGzFTFlwHq19wd6B4OFU8BjTquBP7LDkLjZjkltYTUluYOhLchRvWcn_GKlITuL3bsZltFuMq7rWM9gmm7bvDd3QXDQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXTmuQXiNHIxzkRGguw36WmVZOkjt2ioS3_Y6PNHivyOC423qWkoJ7AIa6QOtN8YOJr_2kvIZDt-j4sFjvGYM1TE07j9lk0q8XCSYufvw5MGqvPE_nRjG51Y6mwUNqqJ8bSh3i8Lw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 32ms
32ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXTmuQXiNHIxzkRGguw36WmVZOkjt2ioS3_Y6PNHivyOC423qWkoJ7AIa6QOtN8YOJr_2kvIZDt-j4sFjvGYM1TE07j9lk0q8XCSYufvw5MGqvPE_nRjG51Y6mwUNqqJ8bSh3i8Lw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-To3LXpTRMuM4C4uW1Hu2GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-To3LXpTRMuM4C4uW1Hu2GQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw1ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4_KEd2vZBHZM-GoNAMuEIEU"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://diendan.clbmarketing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 33ms
33ms XHR
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX_ski5Es3_04WvaW5ndJUYFvrQBTTuv-P1GYeuBqTWYr8dAtmAcz8S0WZxjPkWLS7w2ufEylq0MJ53CT01zr42rUJLIjOS0AuzJh_OP2i0r9jJpcApJkQ4MYlMvVqNTdiuG4kyZA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pVthO2gG7Z5O1q2PPGDr7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://diendan.clbmarketing.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Feb 2024 12:02:27 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pVthO2gG7Z5O1q2PPGDr7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib4_KEd2vZBBbc7LQBAMmnIAY"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://diendan.clbmarketing.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 173ms
173ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240129&jk=2926760932793968&bg=!YGOlYyzNAAa8BdJLnAU7ADQBe5WfOK0dfLlqw44J4jIEacud28X6ZFeFwJP22Fm1nKmo_yZum681qRslhrT6rNIc0IEHAgAAAC9SAAAAAmgBBwoAb0di7umxSGcpToya6W7Z0XSOtxw4eiRCSn5mqI1nBEF-xsWDGDJbZqEhrAtgXwME89vQZVOZEOwWImzPSA706cWtqUDp_UmlolIeB1O8fWs7V8TFSfXiWklypQ1QI7RLGwQBC0Cshd75J3BOo-zVr5kC1TfJ1M0_tpy1G8aIe_8_N_zs8RHNSueouaKmnUbeYRDOGR-FQjp2-dlHwwuRZVpaovrhjWjelkUS79fVNlQiVJDBLpT-rUmO0HdSqmMxee3K5t45VZkEHKg5MNpz3X5C5_bp2llonNIMDeuVG3QcbvRvVQA2vAy4Kokrvwd2it-r0o6HD9TpIsPWRXCtdD64xS4s3pMmpL4WLxMb_02avXt6eMILnuvkCPiYl2f58cRHzbKkwp16AH9WtfjO3PVlSMborgRxIGO0u6tY0wWPbk5O-iJGBL0uwgcnTx3rWeotXSaVNX-lw4bDzyAx_AgevhMnfKHW2gUtUUXFSJmDCWbSijF7Nq_mNe1KcdHQOJieILa92fwZomzlvBV38pEmQQvNkN0HgC5IaW2ABZuoBX3JchsqKpz6QQSGGxAzDzCmXjWFxzjwT-56qXVxMBAKHM96ytgImtFMp1CqCjGwxXgRkeNjkP3JelNxHJfbw6j1Eqx9eDO0gjyoINclgR4IHeh3h2Ewjn-d-eNbE7F_1QiZi4GtP9lif6GuCZKC2yibLxlijgMRRutND0kyoPREh-xz3Q0apG4uyTTKlxqpCg0Q0EijSolXptK2PEHne-MBi02qcEu34eh5pJjUuUznkJ3UBpKrE2MBbktmTpgk_GPb07iQNEl0BZja9O-3WeU6Dh1gZts_j-YYwn9K_q-1RGL7W3u1VA6PTTC7LUGUgC7WD2QHzBgocf7y2aqHOw934KRluz4ejW4R9qVt7rR9vlT-0m2esqvH25XhyYxIsuBcenSl-sYf5orHcIhvePuESYlGnN3aF1T6T6JOqf0gW4WxW90eBodQlgPsKXc0xCE1An9jn0vyCvEkktPWC2ROMTt9oifhFWxjlCjy5dLW0j90kQd7FQcJb_eNoH0-mpMiNk3onyRGQpae5wXCkcrADnpXu7PHStbMSfYAdGxL1gZGYxHE
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://diendan.clbmarketing.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
diendan.clbmarketing.com/	1969-12-31 23:59:59	Name: xf_csrf Value: 04WEVA-wKPm1rozY
.clbmarketing.com/	1970-01-21 03:42:28	Name: _ga_HW917LH537 Value: GS1.1.1706788946.1.0.1706788946.0.0.0
.clbmarketing.com/	1970-01-21 03:42:28	Name: _ga Value: GA1.1.1697143224.1706788946
.clbmarketing.com/	1970-01-21 03:28:04	Name: __gads Value: ID=244af501d13c796f:T=1706788945:RT=1706788945:S=ALNI_Mb4go6h21Ra7zT-8fMHo8t6G9AjGQ
.clbmarketing.com/	1970-01-21 03:28:04	Name: __gpi Value: UID=00000d4dd971c274:T=1706788945:RT=1706788945:S=ALNI_MbiC299X5lRYVHXFRZexCAtwmdwnQ
.clbmarketing.com/	1970-01-20 22:25:40	Name: __eoi Value: ID=80ab034a96516133:T=1706788945:RT=1706788945:S=AA-AfjYIDGlmLs0e-94-KTC79Ef-
.doubleclick.net/	1970-01-21 03:42:28	Name: IDE Value: AHWqTUlgtDzGDm1WekbpTpf-VeRYTAhqvZ2xix9ZFWB1diE-nVb0DrtlC8Q-rI8-TfY
.clbmarketing.com/	1970-01-21 02:52:04	Name: FCNEC Value: %5B%5B%22AKsRol9XNY8aX0dA9TOC6Q8g3TnVbubqvpUiTm75zqVTLXTZDcIxmIbjbCrUoMEJAMDl_MoAp7YVFZx-NBorZJ13gl3__6iMXC2LtIgAZ5PEsC4xSgcgMO1lKo_sibVJ7zrbN9YPVQLtekFGEKx-nvjJvK8DM6VP_Q%3D%3D%22%5D%5D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://diendan.clbmarketing.com/members/granddaughterblanket.209586/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clbmarketing.com
diendan.clbmarketing.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
103.83.156.4
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::200e
0a1ff215c6cfc0cc869f4d905aa6c5d55e237996ec92bb47169d7f6bb4ec7dc0
169bb31b432f4d2fe2edf2c11f842887024125fe199ca7a8ed475e740859d5cc
1a4e9e6f7b19b26e51d9bee030b4cefc1c01b78c3145da0b37c147a44a8adfbf
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
23c51c80b01c27d60113b62bd73b85e80bae2584c93c5558ee81a7cfeb06e4a4
304e77733a818935ddeb447ed9d6d6d4f16e44b8cc262ee05c89324ee7afdc6c
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
4182ef2c435f0a738bd618db4348d9307e90988342a4eed658c8d2e8fd960511
4de49631fe60b17010f7cda29a6236ca6ad6102ea204e5c31d2c1e79ee276938
50dd71cf1cba64856357e62f4999a34c5b7952632efbe186ed3195ce4792612e
548b34f24a947c517e88d29feda91ad3d15edfaf27360650a7be135e0956159b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6e8ee6996fb3309039f67043a7075390ba0fa4154cda8dfc866fac473fc17abb
72bf496f15b29c8e002f7d525dbc784606d871241d05a28b37792d4a710d4b3f
7ce8d26aabf34b87940bc532c457b1bc59e8d61824f4ea7535419ea75676b0a1
82f285b2c14d92a456948fa41311837991b5151584ed6c36839460814db10ce9
83021c89eef39d96f233c740eabc921fe0edf11a7279f70f76286fd83c634aeb
890fd9f94c6980c0dacb49d0ac6b38da93e92e33ffd99cda948e94193e1ab41b
92cb00582f66db2a752a204b662cc0860a94d2cd945eacdad5778abe7414ac5d
943efdb4b38963df0653d778f233b55db3e19f44794e4ff944e33b8849dcdb3c
97eea83cc23e7cc5a73de631c9e363c1bbc55dcfa7987df96ac407b56f653ad9
996279be78f9fae0b0b916f198587f435e7fa8422d4a6c0bc9cac5ee5dfdcd08
9b3ac0feea940572935c876792af52347e06b26900eb88c4c479448fa319a937
9b4c7614ff5a3b7c4125abf769ce78b4ee24b5dd7fe860d179ddd421ad6ac39e
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c0d292dc728990d9217570236a6ea341449471af5dbe0b7af8247f665e29721
a5dcfd1d44af85302c19886c111e277273cca860febaae5f8cdb0de61733b44b
b140368c13edc6f0a6f64345a471f71c9ac1c0b4b73ff4503242e7d046ab4768
b670f9aeea5a5e73057788cc0f679e9c0e08c292f59b6303f332409f623c1636
b7ecf38b50b989c02e2f8f078b995124ed14453d9ca3a5cc04a8556808844a8d
c2497d559960ba9e1c68f41674e8bc980d3b229155e068bc7f42f157f81c4388
c8bba43e6dd09d2c5e0e1d4e878ca177eb9ed18a9800285f21cf1d81008b29c0
ccf769166c42d13a74f70bf30b180ca4c9cec017524b62f8ea3e4c9b7c7b832b
e16b069c1eb1cef530c2458bac67994496c223cb4de9e7dd7b216ecac5c14135
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9f0d24d1230e0a5760800e4a1657801cff8edf2ba87a05c5d96f74ce44ec06d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

diendan.clbmarketing.com Open in urlscan Pro 103.83.156.4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

86 %IPv6

5 Domains

8 Subdomains

7 IPs

2 Countries

1300 kBTransfer

2705 kBSize

8 Cookies

1 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

diendan.clbmarketing.com Open in urlscan Pro
103.83.156.4 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

86 %
IPv6

5
Domains

8
Subdomains

7
IPs

2
Countries

1300 kB
Transfer

2705 kB
Size

8
Cookies

49 HTTP transactions
0 data transactions