152.89.104.167 Open in urlscan Pro
152.89.104.167 Public Scan

URL:
http://152.89.104.167/
Submission: On October 13 via manual (October 13th 2020, 7:07:24 am UTC) from GB

Summary HTTP 58 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 15 domains to perform 58 HTTP transactions. The main IP is 152.89.104.167, located in Germany and belongs to NETCUP-AS netcup GmbH, DE. The main domain is 152.89.104.167.

This is the only time 152.89.104.167 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	152.89.104.167 152.89.104.167	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
3 8	104.75.88.112 104.75.88.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	104.111.228.123 104.111.228.123	16625 (AKAMAI-AS) (AKAMAI-AS)
1	95.217.231.160 95.217.231.160	24940 (HETZNER-AS) (HETZNER-AS)
10	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	104.111.216.96 104.111.216.96	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
5	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	95.217.114.142 95.217.114.142	24940 (HETZNER-AS) (HETZNER-AS)
3	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::681f:5cc4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2006	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
2	129.146.196.240 129.146.196.240	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
58	18

7 152.89.104.167 (Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: v22019091628298018.supersrv.de

152.89.104.167	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.75.88.112 (Netherlands) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-public.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.228.123 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-228-123.deploy.static.akamaitechnologies.com

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.231.160 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap11.adplayer.pro

cdn.ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.216.96 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-96.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.217.114.142 (Finland)

ASN24940 (HETZNER-AS, DE)

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::681f:5cc4 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 129.146.196.240 (United States)

ASN31898 (ORACLE-BMC-31898, US)

api-public-oci-origin.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googlesyndication.com a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	51 KB
9	addthis.com 3 redirects s7.addthis.com m.addthis.com api-public.addthis.com api-public-oci-origin.addthis.com	192 KB
5	stat-rock.com serving.stat-rock.com	2 KB
5	doubleclick.net securepubads.g.doubleclick.net	107 KB
5	paypalobjects.com 1 redirects www.paypalobjects.com	4 KB
4	googletagservices.com www.googletagservices.com	91 KB
3	googleapis.com imasdk.googleapis.com	108 KB
2	facebook.com graph.facebook.com	2 KB
2	google.com adservice.google.com www.google.com	890 B
2	google-analytics.com www.google-analytics.com	18 KB
2	ad.plus cdn.ad.plus ad.plus	89 KB
1	2mdn.net s0.2mdn.net	11 KB
1	addthisedge.com v1.addthisedge.com	962 B
1	google.de adservice.google.de	890 B
1	moatads.com z.moatads.com	1 KB
58	15

	Domain	Requested by
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	serving.stat-rock.com	cdn.ad.plus 152.89.104.167
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net 152.89.104.167
5	www.paypalobjects.com	1 redirects 152.89.104.167
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	www.googletagservices.com	152.89.104.167 cdn.ad.plus securepubads.g.doubleclick.net
4	s7.addthis.com	1 redirects 152.89.104.167 s7.addthis.com
3	imasdk.googleapis.com	cdn.ad.plus imasdk.googleapis.com
2	api-public-oci-origin.addthis.com
2	api-public.addthis.com	2 redirects
2	graph.facebook.com	s7.addthis.com
2	www.google-analytics.com	152.89.104.167 www.google-analytics.com
1	www.google.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	ad.plus	152.89.104.167
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	z.moatads.com	s7.addthis.com
1	cdn.ad.plus	152.89.104.167
58	22

This site contains links to these domains. Also see Links.

Domain
php-download.com
js-download.com
ethereum-balance.com
shop24.ge
spreadsheet-master.com
www.addthis.com

Subject Issuer	Validity	Valid
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2020-01-09` - `2022-01-12`	2 years	crt.sh
cdn.ad.plus Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
serving.stat-rock.com Let's Encrypt Authority X3	`2020-10-11` - `2021-01-09`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.addthis.com DigiCert SHA2 Secure Server CA	`2019-02-04` - `2021-02-03`	2 years	crt.sh

This page contains 8 frames:

Primary Page: http://152.89.104.167/
Frame ID: 9DDB3DC09D444A2A76A8126277B7595E
Requests: 45 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1001E58C13ABB652EA857C545D28D724
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1D1041F69A6D9F154F56C2F70EA24963
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: BBFA71FAF01FB4FD01DC58F456961C4E
Requests: 2 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.416.2_en.html
Frame ID: B84803DA6B530851A827DD2A011D8DB3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 3AA195F830CDC3664F36EE6506A24A6E
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.416.2_en.html
Frame ID: 3414161C10AC277717D6676DBE48C757
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXzEEUZyLwhFQV-0kKU9GOTQ3JlFRMhZqBVuBPxxOIFDKhWp9hXrN_-5V0KsO7qshw85Old4N4e7smRQ9UkfuF9Dd3031yR8nnui_JORYydfhLADVHWVTM3zz5XZx6RaeOUuA5hxrtGbx3YP0l4qZmBkZH0iFaN6ZJ2sXmnuZR1N68OSDN-uuBG6ykq1xpBQIIRiNYJ81duIZcyvC0ZFXwkmz5EuMnLnryxoU-RQ7keJs9vBV6cSJZJ63QKabLwioM4Nyo6gHV3O9E7HeGu-uqt2tsO3WcE3gZeN1M1is&sig=Cg0ArKJSzL_t2vSFj9caEAE&adurl=
Frame ID: B14FB0547BB478091EE42EC04EE9D321
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Debian (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Debian/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

58
Requests

78 %
HTTPS

53 %
IPv6

15
Domains

22
Subdomains

18
IPs

5
Countries

880 kB
Transfer

2437 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://php-download.com/
Title: PHP Download

Search URL Search Domain Scan URL

URL: https://js-download.com/
Title: JavaScript Download

Search URL Search Domain Scan URL

URL: https://ethereum-balance.com/
Title: Partner: Your ethereum balance online

Search URL Search Domain Scan URL

URL: https://shop24.ge/
Title: Online Shopping in Tbilisi (Georgia)

Search URL Search Domain Scan URL

URL: https://spreadsheet-master.com/
Title: Manage you online shop in Google Spreadsheets

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 6

https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif HTTP 302
https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1

Request Chain 14

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 38

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0

Request Chain 40

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0 HTTP 308
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0

58 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
152.89.104.167/ 29 KB
7 KB 86ms
68ms Document
text/html 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 2fc662a3ebf718abc977c5a88c592fa54798d5334c49e0c96240d5f2affac704

Request headers

Host: 152.89.104.167
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Server: Apache/2.4.38 (Debian)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6200c29ef6f4b39437febbd1bc729df3; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6235
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK script.min.js Show response
152.89.104.167/js/ 203 KB
69 KB 92ms
71ms Script
application/javascript 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/js/script.min.js
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: d465577dd17e9313084bb7760806554f067970dcc4c6a7735137604d3a74be26

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Nov 2019 06:51:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "32ca7-59862899be59a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jar-download.js Show response
152.89.104.167/js/ 8 KB
2 KB 81ms
61ms Script
application/javascript 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/js/jar-download.js
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: ec7071b88df2f6fedb9f381725a3e823b8ce757173065ef65ca813229d4ecbd9

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Nov 2019 06:51:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1ed6-59862899be59a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2023

GET
H/1.1 200
OK style.min.css
152.89.104.167/css/ 176 KB
29 KB 48ms
46ms Stylesheet
text/css 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/css/style.min.css
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5c0383f36f1263adea86477d8bdb8df4575c46d0f8358e496abe1bc35afd0f81

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Nov 2019 06:51:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2bede-59862899b4957-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29604

GET
H/1.1 200
OK custom.css
152.89.104.167/css/ 7 KB
2 KB 81ms
62ms Stylesheet
text/css 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/css/custom.css
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 913acd692ab71c46f65f17681b48498aca23c8055094b4842adbdeb23da9eec5

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 13:31:52 GMT
Server: Apache/2.4.38 (Debian)
ETag: "1bb5-59c2dbb37a200-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1897

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

88ms
29ms

Script
application/javascript

104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Tue, 13 Oct 2020 07:07:06 GMT
x-host: s7.addthis.com
content-length: 116324

Redirect headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK logo.png
152.89.104.167/ 28 KB
29 KB 43ms
41ms Image
image/png 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://152.89.104.167/logo.png
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: 1f8bcae953e81414c47b24c1e8f76f4d4815ba0b0fda4b0b4379fa1e026d0d03

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Last-Modified: Thu, 28 Nov 2019 06:51:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "71b3-59862899be59a"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29107

GET
H2

200

btn_buynowCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1

1 KB
2 KB

41ms
40ms

Image
image/webp

104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

38488db1bedc718dd241f5a449a4497435033622b54dd85eb70356108673d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
x-content-type-options: nosniff
last-modified: Tue, 28 Jul 2020 15:55:45 GMT
server: Akamai Image Manager
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=43200
content-length: 1524
expires: Tue, 13 Oct 2020 19:07:07 GMT

Redirect headers

date: Tue, 13 Oct 2020 07:07:07 GMT
x-content-type-options: nosniff
server: AkamaiGHost
status: 302
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
location: https://www.paypalobjects.com/en_US/i/btn/btn_buynowCC_LG.gif?akam_redir=1
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
content-length: 0
expires: Tue, 13 Oct 2020 07:07:07 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
279 B 165ms
47ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 56
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 08 May 2020 01:21:33 GMT
content-length: 43
server: Akamai Image Manager
expires: Tue, 13 Oct 2020 19:07:06 GMT

GET
H2 200 adplus.js Show response
cdn.ad.plus/player/ 272 KB
87 KB 302ms
59ms Script
application/javascript 95.217.231.160
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad.plus/player/adplus.js
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.231.160 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap11.adplayer.pro
Software: nginx /
Resource Hash: 282fcaf831fc9dbb727c9ed1ab45ee6c2727709e61a04e4a4491fed871f48a60

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 07:03:25 GMT
server: nginx
etag: W/"5f7eb9bd-43e2a"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=600

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
18 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a13e74b05d986b6f4938d61078f38dab5a4bcd864f1d14b85adcfc3686414b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "661 / 9 of 1000 / last-modified: 1602541700"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:06 GMT

GET
H2 200 btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/ 1 KB
2 KB 165ms
48ms Image
image/webp 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1483
strict-transport-security: max-age=31536000
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 08 May 2020 01:21:37 GMT
content-length: 1412
server: Akamai Image Manager
expires: Tue, 13 Oct 2020 19:07:06 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/de_DE/i/scr/ 43 B
280 B 171ms
54ms Image
image/gif 104.111.228.123
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/de_DE/i/scr/pixel.gif

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-228-123.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
x-content-type-options: nosniff
x-check-cacheable: YES
x-serial: 1838
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
cache-control: private, no-transform, max-age=43200
last-modified: Fri, 08 May 2020 01:21:41 GMT
content-length: 43
server: Akamai Image Manager
expires: Tue, 13 Oct 2020 19:07:06 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 112ms
38ms Script
application/x-javascript 104.111.216.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.216.96 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-96.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 6CDA04CEF72D568E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=55679
accept-ranges: bytes
content-length: 948
x-amz-id-2: vmrAbpbzrBs8g4V4M3AoGAqwWb0EhELJ1wy9AWvX/tuPVstbiwgv0ja/UaK2kknp20dNDPCNIa4=

GET
H/1.1 200
OK fontawesome-webfont.woff2
152.89.104.167/fonts/ 65 KB
65 KB 41ms
41ms Font
font/woff2 152.89.104.167
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to

Full URL: http://152.89.104.167/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/css/style.min.css
Protocol: HTTP/1.1
Server: 152.89.104.167 , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS: v22019091628298018.supersrv.de
Software: Apache/2.4.38 (Debian) /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: http://152.89.104.167
Referer: http://152.89.104.167/css/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 13 Oct 2020 07:07:06 GMT
Last-Modified: Thu, 28 Nov 2019 06:51:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "10440-59862899b6897"
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 66624

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 4661
date: Tue, 13 Oct 2020 05:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Tue, 13 Oct 2020 07:49:25 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H2 200 pubads_impl_2020100701.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 129ms
64ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Oct 2020 08:44:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97676
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:06 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
64 B 15ms
14ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1506929484&t=pageview&_s=1&dl=http%3A%2F%2F152.89.104.167%2F&ul=en-us&de=UTF-8&dt=Download%20JAR%20files%20with%20all%20dependencies&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1824805246&gjid=709720894&cid=1964584610.1602572827&tid=UA-64092528-1&_gid=183694911.1602572827&_r=1&_slc=1&z=1377108093

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Oct 2020 07:07:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://152.89.104.167
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 38ms
17ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=152.89.104.167

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=152.89.104.167

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Oct 2020 07:07:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 428 B
944 B 179ms
143ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007614270983529&correlator=4142984515109880&output=ldjh&impl=fif&eid=21067703%2C21065975%2C21067618%2C22316438%2C21067948&vrg=2020100701&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201013&iu_parts=21849154601%2CAd.Plus-970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=2&cookie_enabled=1&bc=23&abxe=1&lmt=1602572826&dt=1602572826967&dlt=1602572826389&idt=559&frm=20&biw=1600&bih=1200&oid=3&adxs=303&adys=1022&adks=493704537&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F152.89.104.167%2F&dssz=15&icsg=64010&std=0&vis=1&scr_x=0&scr_y=0&psz=994x250&msz=994x250&ga_vid=1964584610.1602572827&ga_sid=1602572827&ga_hid=1506929484&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

1a089fa89025be9210f9657962d22ad71cb2d7df6e4a15af751bfd97417c8ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://152.89.104.167
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 70ms
21ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-569f7b5e20f139ca/ 3 KB
962 B 487ms
486ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-569f7b5e20f139ca/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fad1c5124d46daa871961017fc1b31c10b49ea342c8ede89211b0afde482133d

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
etag: -1577667486--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=51, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 737
x-akamai-path-stats: [3:95696:355304],[1:10116:4294959180]

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 183ms
181ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f85521a3a5d9390&bkl=0&bl=1&pdt=154&sid=5f85521a3a5d9390&pub=ra-569f7b5e20f139ca&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=152.89.104.167&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1602572826988&jsl=1&uvs=5f85521a3e55a8bb000&skipb=1&callback=addthis.cbs.jsonp__8452763335369820
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-112.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a6130ad84501833836bd12c3824b1643d5c0f859792f1b616c1384d922c9ea27

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 13 Oct 2020 07:07:07 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1001 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1D10 0
0 34ms
34ms Document
text/html 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://152.89.104.167/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://152.89.104.167/

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Tue, 13 Oct 2020 07:07:07 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM/code/js/ 2 KB
1 KB 200ms
81ms XHR
application/json 95.217.114.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM/code/js/1?b=0.25045224108337516
Requested by: Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.142 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 81cc1c8aed10b0a25bfb0f4c0ec3f90946cd9c57dbe24af96e399c45ba31200d

Request headers

Accept: */*
Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
server: nginx
srvb: 127.0.0.1:8082
status: 200
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: http://152.89.104.167
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
srvf: 95.217.114.142

GET
DATA 200
OK truncated
/ Frame BBFA 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 313 KB
108 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8baea59d23fc57379856761f705b9962e61980e08aa1f154e74e64cc75933b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110145
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:07 GMT

GET
H2 200 video.png
ad.plus/ Frame BBFA 2 KB
2 KB 44ms
14ms Image
image/png 2606:4700:3036::681f:5cc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.plus/video.png
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5cc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b386b9f941431d7d28d044f6203a5d50854f6c051b593988207b0ad145d5589f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3168
status: 200
content-length: 1732
cf-request-id: 05c261d2ac00002be951325200000001
last-modified: Fri, 04 Oct 2019 21:49:08 GMT
server: cloudflare
etag: "6c4-5941cabf561c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602572827"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5e1738caacf22be9-FRA

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 56ms
55ms Image
image/gif 95.217.114.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1602572827235.9294&type=INIT&placementId=mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM&tagId=lj8-_NdrL5YhQltCjUqwXeqagmnAwig035-daZXe4frLjz37IOGs&vtId=S_l3CrQof9jrdTca-Ps7aFLW7LQGjCXvrcXLyk2LMpO5uOju9bPo&message=&u=http%3A%2F%2F152.89.104.167%2F&t=242&v=74&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=640&z=p%3Apl%3Bv%3AinPage%3B&r=0.35033268521462135
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.142 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: http://152.89.104.167
Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.142
content-length: 35

GET
H/1.1 200
OK bridge3.416.2_en.html
imasdk.googleapis.com/js/core/ Frame B848 0
0 11ms
5ms Document
text/html 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.416.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 201807
Date: Tue, 13 Oct 2020 06:26:05 GMT
Expires: Wed, 13 Oct 2021 06:26:05 GMT
Last-Modified: Thu, 08 Oct 2020 17:53:23 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2462

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:81c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:07 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 56ms
55ms Image
image/gif 95.217.114.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1602572827235.9294&type=OPPORTUNITY&placementId=mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM&tagId=lj8-_NdrL5YhQltCjUqwXeqagmnAwig035-daZXe4frLjz37IOGs&vtId=S_l3CrQof9jrdTca-Ps7aFLW7LQGjCXvrcXLyk2LMpO5uOju9bPo&message=&u=http%3A%2F%2F152.89.104.167%2F&t=344&v=74&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=640&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.02856934605414896
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.142 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: http://152.89.104.167
Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.142
content-length: 35

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 56ms
55ms Image
image/gif 95.217.114.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1602572827235.9294&type=REQUEST&placementId=mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM&tagId=lj8-_NdrL5YhQltCjUqwXeqagmnAwig035-daZXe4frLjz37IOGs&vtId=S_l3CrQof9jrdTca-Ps7aFLW7LQGjCXvrcXLyk2LMpO5uOju9bPo&message=&u=http%3A%2F%2F152.89.104.167%2F&t=354&v=74&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=640&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.6447178977822312
Requested by: Host: 152.89.104.167
URL: http://152.89.104.167/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.142 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: http://152.89.104.167
Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.142
content-length: 35

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 32ms
31ms Script
application/javascript 104.75.88.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-112.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Tue, 13 Oct 2020 07:07:07 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 49ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

547b1136f4302f099878219325b63bc477c276e6b3410e80bd8287301c182edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6746
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 228 B
868 B 37ms
24ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=https%3A%2F%2Fjar-download.com&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_drvz0
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9b8339f2003c85362cbb68bff39146f015b27787cc8b85f08f5513035862acc0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
X-FB-Debug: QpVEsPHH6kqwVk6OXfXUztQe0AMjfIZDiSbb62cb9CGzG1rDH8mtaRSddVeHsBn/b+GCN2E0JaRALy50hxYaqg==
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-trace-id: BjHBNAl2v2a
Date: Tue, 13 Oct 2020 07:07:07 GMT
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: ATBXmu_sipbgbvGJ1ROtYuJ
Cache-Control: no-store
x-fb-rev: 1002812608
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 228
facebook-api-version: v3.1
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0
https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0

36 B
292 B

480ms
162ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

1cfc452a715314ab3fe21e11c4b14a7d5bceac4c62409e5161dea2b28e63c5b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
surrogate-key: jar-download.com/
last-modified: Tue, 13 Oct 2020 07:07:08 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 36

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=https%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_buop0
Date: Tue, 13 Oct 2020 07:07:07 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
X-Akamai-Path-Stats: [3:139435:5565]
Content-Type: text/html

GET
H/1.1 200
OK / Show response
graph.facebook.com/ 228 B
868 B 37ms
25ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: http://graph.facebook.com/?id=http%3A%2F%2Fjar-download.com&fields=og_object%7Bengagement%7D&callback=_ate.cbs.rcb_683l0
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: HTTP/1.1
Server: 2a03:2880:f01c:800e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ed7b150fdabe34e652be9cbf4461b3b1d88b070ccdf1435810373ab8163cf348

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
X-FB-Debug: G0tHT0pMdChnk4ypWs/ACQEoFqyTYGNR0EWdIA8kXNTdaAo/e/Xasib8QJXK4U9mBcE63bN8Jo92U/x6fhp4NQ==
WWW-Authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-trace-id: Gw2piWKc0Pq
Date: Tue, 13 Oct 2020 07:07:07 GMT
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
x-fb-request-id: AcjL9fo9HtKviK0NBWcQXDC
Cache-Control: no-store
x-fb-rev: 1002812608
Connection: keep-alive
Alt-Svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
Content-Length: 228
facebook-api-version: v3.1
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

shares.json Show response
api-public-oci-origin.addthis.com/url/
Redirect Chain

http://api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0
https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0

36 B
293 B

490ms
161ms

Script
application/json

129.146.196.240
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.146.196.240 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

aeebbf06fe4244fd8284a281a8b94f1a8259c2849c06feee00223e036b4fc68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
surrogate-key: jar-download.com/
last-modified: Tue, 13 Oct 2020 07:07:08 GMT
server: nginx/1.15.8
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 36

Redirect headers

Location: https://api-public-oci-origin.addthis.com/url/shares.json?url=http%3A%2F%2Fjar-download.com&callback=_ate.cbs.rcb_ibmk0
Date: Tue, 13 Oct 2020 07:07:07 GMT
Server: nginx/1.15.8
Connection: keep-alive
Content-Length: 171
X-Akamai-Path-Stats: [3:139398:4294966898]
Content-Type: text/html

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:07 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 3AA1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://152.89.104.167/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://152.89.104.167/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Tue, 13 Oct 2020 06:48:44 GMT
expires: Wed, 13 Oct 2021 06:48:44 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1103
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
223 B 15ms
15ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100701&jk=3007614270983529&bg=!_P-l_9_NAAWqWepuqliL2GvC00fooAIAAABCUgAAAAwKAUkrdwTiKT82T6bBk0SUXnLFbgwbyLMBbVG9YPKYWwfbI4KLpy6ORiNmDvQl8rJr0OdAg-x2Q4lSGwQ-aAPOzTjN1Qvg35n7HC5iwFoPDpSEbjPvdti-Li9_turhIH65mfB24t2cbEA2wyLu8q34IjgeO05AKRffaqrNqGlQKrl1iRmaZKjl3zbjmSTROvHktN1P66J4oksJqIiVocA32SIUQMBe6c5g_VvoFqc1g0vJGqbJ6XQGT9ubh1vvf0zHNq4FGlENtqMXtHIdUc23VYO01N_-JcVWY3jcXPIXgah_6jkOk2EU2e0HWtSIipnMzKvGQeKWA7L7E17VNiJK_VyvP5ASLEmOBuKBg9HUjtqmf75ktOrvu0CG37Sa10GFkgpF5rhkHbCpCI-7wxH9672zZ4Oyn_mEehybcktYGzrsQdyv7jHuO62kQZkBw6-_ME7G1pqzS9KOO5gFilM0lGslNwEm_YHQI4gV-lDFWPnBMUOaf2sIGLPRz2aer8J_gDhnVpANWN0mu-2nTuek_lrXaJToeVGNA8m5nk6NJdCRx4koaljf0n32JmtXWaXrCZCqPpBrw8NH27tTDm3apXzYfPxZsmWToY5KJlMtPoekDuNsZKJGMJT-KiJEgGMcQjsAGThHHUKWF8iqUylsXiYdR4x6knI1YW5Mnmp2yOMPFuM5oONYqcMJPIxzJRf4x_rPKG8zgFdipjrNC3nme0Ws19FCijGwgfCAGuh5LT2yTmyeWp4uK_YaYE7fOkDiYVdn51n3Tx7Mfbfo-J-36vdpuKdA8FU6XgP_yBIXX0LRnVBJimxrsI1dzOaISAqEe0bR0lw9nyudmPc8lU_AQzzu-k-nVZ8Y70xBqNUZsVEHPzNhe7sDOCLm_GtjghIG7tQQbsIf2gwdXKx0-2reKs8u-xchdtAU864i5sX5iPaK4Q17l24fRl0pnVk8NcmldZcu4YmvuuHVOYNOJG489SDi3Z8VhA3lK-9eudOjAqRGP598mBx0VA0K2Prd5ew2oNEMZJQZFrv1vhBdVBfvJVU

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Oct 2020 07:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bridge3.416.2_en.html
imasdk.googleapis.com/js/core/ Frame 3414 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.416.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 201807
Date: Tue, 13 Oct 2020 06:26:05 GMT
Expires: Wed, 13 Oct 2021 06:26:05 GMT
Last-Modified: Thu, 08 Oct 2020 17:53:23 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2462

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45acd9bda930883a46059e5228badc120eed552880a3e1de56cf00b610d8c98d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "661 / 15 of 1000 / last-modified: 1602541700"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:08 GMT

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 20 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

434d46a35ef7a3137120064f0311cc96c9ead6d400bec14b6176c425dd560fbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 06:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8215
x-xss-protection: 0
server: cafe
etag: 4618384636763923224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Oct 2020 07:48:48 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 56ms
55ms Image
image/gif 95.217.114.142
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1602572827235.9294&type=DEFAULT&placementId=mTlWe3wmqLql0avA2aEPKwBnlmbGqxin706yXM1S-S-lkTnPOhAM&tagId=lj8-_NdrL5YhQltCjUqwXeqagmnAwig035-daZXe4frLjz37IOGs&vtId=S_l3CrQof9jrdTca-Ps7aFLW7LQGjCXvrcXLyk2LMpO5uOju9bPo&message=&u=http%3A%2F%2F152.89.104.167%2F&t=1314&v=74&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=640&z=p%3Apl%3Bv%3AinPage%3B&r=0.4771481679726026
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.142 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: http://152.89.104.167
Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
server: nginx
srvb: 127.0.0.1:8082
status: 200
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.142
content-length: 35

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
11 KB 124ms
124ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3007614270983529&correlator=4142984515109880&output=ldjh&impl=fif&adsid=NT&eid=21067703%2C21065975%2C21067618%2C22316438%2C21067948&vrg=2020100701&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201013&iu_parts=21849154601%2CAd.Plus-AI-Responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250%7C970x90%7C336x280%7C300x250%7C250x250%7C400x300%7C480x320%7C320x250&cookie_enabled=1&bc=23&abxe=1&lmt=1602572828&dt=1602572828346&dlt=1602572826389&idt=559&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=399&adks=1877641301&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2F152.89.104.167%2F&dssz=29&icsg=2199027353642&std=0&vis=1&scr_x=0&scr_y=0&psz=994x90&msz=994x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1964584610.1602572827&ga_sid=1602572827&ga_hid=1506929484&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

32a26f202ed4cab2cc4033add3bc7599c346b5a63c589b59c222ec63b0674c2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10755
x-xss-protection: 0
google-lineitem-id: 5217748496
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293691521
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://152.89.104.167
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B14F 0
0 38ms
38ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXzEEUZyLwhFQV-0kKU9GOTQ3JlFRMhZqBVuBPxxOIFDKhWp9hXrN_-5V0KsO7qshw85Old4N4e7smRQ9UkfuF9Dd3031yR8nnui_JORYydfhLADVHWVTM3zz5XZx6RaeOUuA5hxrtGbx3YP0l4qZmBkZH0iFaN6ZJ2sXmnuZR1N68OSDN-uuBG6ykq1xpBQIIRiNYJ81duIZcyvC0ZFXwkmz5EuMnLnryxoU-RQ7keJs9vBV6cSJZJ63QKabLwioM4Nyo6gHV3O9E7HeGu-uqt2tsO3WcE3gZeN1M1is&sig=Cg0ArKJSzL_t2vSFj9caEAE&adurl=

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Oct 2020 07:07:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201008/r20110914/ Frame B14F 18 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201008/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

033dccc31e95d9f4b267d264f046f8584d4fb2741066e334cc35b88c6450d25e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 02:39:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7310
x-xss-protection: 0
server: cafe
etag: 8108057924216370432
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Oct 2020 02:39:02 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201008/r20110914/client/ Frame B14F 3 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201008/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 06:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Oct 2020 06:39:04 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B14F 75 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a3b80afb5b8fe9f9bc923d1b7550d652bfaf3d8d33ad453a6694e484215af6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602502693699453"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28907
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:08 GMT

GET
H/1.1 204
No Content l
www.google.com/ads/measurement/ Frame B14F 0
0 20ms
13ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.google.com/ads/measurement/l?ebcid=ALh7CaQT5aDWrZndeLQk5Z1q83Kj5M0vpzli4xsv-9uCIrAcxdGN8JKrdc7v_C6fl-gsouQ4xuMZWdO1gSOrQh69MSJsD5rjew
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js
Protocol: HTTP/1.1
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 9538144993183035413
tpc.googlesyndication.com/simgad/ Frame B14F 19 KB
19 KB 8ms
6ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9538144993183035413

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5be684b3f32f9246f5469a415c20b78764348ff8f0b87b7cb50934ff83c3ea83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 10:28:57 GMT
x-content-type-options: nosniff
age: 74291
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19820
x-xss-protection: 0
last-modified: Sat, 09 Nov 2019 01:38:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Oct 2021 10:28:57 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 13 Oct 2020 07:07:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602502693699453"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Tue, 13 Oct 2020 07:07:08 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B14F 0
21 B 38ms
38ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzFmRcC83R9bFBi-MQ9bzAVMzBZfOApFdRz4GLAOlLNuuqYtjeZri-KeBZ-0yfYtlg44kcSt5WCOUIl7wSyMZLhlVjZlZUHqCPFmmG_VC8tzAXl7b_sJaQwHzi5JlA1ltNbBSJHQiob1JGu8FppTPX9Sg9_AFfiW_1aGWTkHnD6a6tT_Ckws4Juk8wgVmK4E9brSk18UkNEOVKKcFWaZAJy4CJrIczLibL1vSsFvTKT5PSYyyIPk9wWEmoHvvfgp4deZK0IPDYN4druENcTl2mwms&sig=Cg0ArKJSzH4ihgCqLtQrEAE&adurl=

Requested by

Host: 152.89.104.167
URL: http://152.89.104.167/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 13 Oct 2020 07:07:08 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B14F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bfe6abeb1c9c17de5134f8ddc3dbc41f18ff86ab0325032757135d9271c650f

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B14F 42 B
93 B 15ms
14ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDPOHeOVBdfUs7Hr3rJsQxxEH7P9quayLMv9FNX5kNYbjItmLpbjaGX_g2q1SWM5gEYqXX9JcYU9ceJWVHZxy6P-0r70MKFhsRyXY5UCA&sig=Cg0ArKJSzFtPGa_geSrFEAE&adk=1877641301&tt=-1&bs=1600%2C1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&p=399,650,649,950&postrxl=1&mcvt=1009&rs=0&ht=0&tfs=110&tls=1119&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=25&md=2&btr=0&cpmav=0&lm=2&rst=1602572828490&dlt&rpt=71&isd=0&msd=0&xdi=0&bmi=1&ps=1600%2C2255&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-7-11-11-0-0-0&tvt=1113&is=300%2C250&iframe_loc=http%3A%2F%2F152.89.104.167%2F&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201012

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://152.89.104.167/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Oct 2020 07:07:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.addthis.com/	1970-01-19 22:39:50	Name: loc Value: MDAwMDBFVUZSMDAyMjg4MTgyMTA3ODAwMDBDSA==
152.89.104.167/	1970-01-19 13:09:34	Name: __atuvs Value: 5f85521a3e55a8bb000
152.89.104.167/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6200c29ef6f4b39437febbd1bc729df3
152.89.104.167/	1970-01-19 22:39:50	Name: __atuvc Value: 1%7C42
152.89.104.167/	1970-01-19 13:09:32	Name: _gat Value: 1
152.89.104.167/	1970-01-19 13:10:59	Name: _gid Value: GA1.1.183694911.1602572827
.addthis.com/	1970-01-19 22:39:50	Name: uvc Value: 1%7C42
152.89.104.167/	1970-01-20 06:40:44	Name: _ga Value: GA1.1.1964584610.1602572827

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100701.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/doubleclick-gpt/guides/passback-tags#construct_passback_tags for how to correctly create a passback.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a1126a9622b62dc1fb022a735f1a9183.safeframe.googlesyndication.com
ad.plus
adservice.google.com
adservice.google.de
api-public-oci-origin.addthis.com
api-public.addthis.com
cdn.ad.plus
graph.facebook.com
imasdk.googleapis.com
m.addthis.com
pagead2.googlesyndication.com
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
serving.stat-rock.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.paypalobjects.com
z.moatads.com
s7.addthis.com
104.111.216.96
104.111.228.123
104.75.88.112
129.146.196.240
152.89.104.167
172.217.22.98
2606:4700:3036::681f:5cc4
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:81c::2006
2a00:1450:4001:81f::2002
2a00:1450:4001:81f::200e
2a00:1450:4001:824::2001
2a00:1450:4001:825::200a
2a03:2880:f01c:800e:face:b00c:0:2
95.217.114.142
95.217.231.160
033dccc31e95d9f4b267d264f046f8584d4fb2741066e334cc35b88c6450d25e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
1a089fa89025be9210f9657962d22ad71cb2d7df6e4a15af751bfd97417c8ff2
1bfe6abeb1c9c17de5134f8ddc3dbc41f18ff86ab0325032757135d9271c650f
1cfc452a715314ab3fe21e11c4b14a7d5bceac4c62409e5161dea2b28e63c5b4
1f8bcae953e81414c47b24c1e8f76f4d4815ba0b0fda4b0b4379fa1e026d0d03
282fcaf831fc9dbb727c9ed1ab45ee6c2727709e61a04e4a4491fed871f48a60
2fc662a3ebf718abc977c5a88c592fa54798d5334c49e0c96240d5f2affac704
32a26f202ed4cab2cc4033add3bc7599c346b5a63c589b59c222ec63b0674c2b
38488db1bedc718dd241f5a449a4497435033622b54dd85eb70356108673d058
405f8354addef1122e5aa8e0792ff65778ae3ee2f4092be9d875b4c6ff8f5192
434d46a35ef7a3137120064f0311cc96c9ead6d400bec14b6176c425dd560fbf
45acd9bda930883a46059e5228badc120eed552880a3e1de56cf00b610d8c98d
4a3b80afb5b8fe9f9bc923d1b7550d652bfaf3d8d33ad453a6694e484215af6a
4d89fe878915363fb946ed51bc60593e90df39059bc1a05c717a0cd9ba5bf58d
547b1136f4302f099878219325b63bc477c276e6b3410e80bd8287301c182edd
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a13e74b05d986b6f4938d61078f38dab5a4bcd864f1d14b85adcfc3686414b5
5be684b3f32f9246f5469a415c20b78764348ff8f0b87b7cb50934ff83c3ea83
5c0383f36f1263adea86477d8bdb8df4575c46d0f8358e496abe1bc35afd0f81
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
7ee6e85a2f79ff3a3acc9655f71db591b468f6db903542ad66aff7451779f2ff
81cc1c8aed10b0a25bfb0f4c0ec3f90946cd9c57dbe24af96e399c45ba31200d
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
8baea59d23fc57379856761f705b9962e61980e08aa1f154e74e64cc75933b90
913acd692ab71c46f65f17681b48498aca23c8055094b4842adbdeb23da9eec5
9b8339f2003c85362cbb68bff39146f015b27787cc8b85f08f5513035862acc0
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a6130ad84501833836bd12c3824b1643d5c0f859792f1b616c1384d922c9ea27
aeebbf06fe4244fd8284a281a8b94f1a8259c2849c06feee00223e036b4fc68d
b386b9f941431d7d28d044f6203a5d50854f6c051b593988207b0ad145d5589f
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
d465577dd17e9313084bb7760806554f067970dcc4c6a7735137604d3a74be26
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ec7071b88df2f6fedb9f381725a3e823b8ce757173065ef65ca813229d4ecbd9
ed7b150fdabe34e652be9cbf4461b3b1d88b070ccdf1435810373ab8163cf348
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fad1c5124d46daa871961017fc1b31c10b49ea342c8ede89211b0afde482133d
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

152.89.104.167 Open in urlscan Pro 152.89.104.167 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

78 %HTTPS

53 %IPv6

15 Domains

22 Subdomains

18 IPs

5 Countries

880 kBTransfer

2437 kBSize

8 Cookies

6 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

152.89.104.167 Open in urlscan Pro
152.89.104.167 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

78 %
HTTPS

53 %
IPv6

15
Domains

22
Subdomains

18
IPs

5
Countries

880 kB
Transfer

2437 kB
Size

8
Cookies

58 HTTP transactions
3 data transactions